Lucene search
K

4534 matches found

Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.30 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-46076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL,...

7.9CVSS7AI score0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43899

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the KVM nSVM component, a failure to restore the host CR3 Control Register 3, which manages page tables during a nested VMEXIT can lead to the system continuing to run the L1 guest wi...

5.5CVSS5.9AI score0.00116EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46032

KVM: nSVM: Triple fault if restore host CR3 fails on nested VMEXIT...

5.8AI score0.00116EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43943

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM nSVM component where a VMMCALL is not properly handled when L2 is active, L1 does not want to intercept the VMMCALL, nested svm l2 tlb flush enabled is true, a...

7.9CVSS5.8AI score0.00121EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.12 views

CVE-2026-46071

KVM: nSVM: Avoid clearing VMCBLBR in vmcb12...

5.8AI score0.00121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unintercepted VMMCALL in KVM nSVM. This vulnerability may lead to unauthorized supercalls at...

7.9CVSS5.8AI score0.00121EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.18 views

CVE-2026-46076

KVM: nSVM: Raise UD if unhandled VMMCALL isnt intercepted by L1...

7.9CVSS5.8AI score0.00121EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/05/26 11:57 p.m.11 views

GHSA-RR59-XXVX-96QR Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations

Summary Kata Containers ships with a default configuration that allows pod creators to inject arbitrary command-line arguments into the virtiofsd process through the io.katacontainers.config.hypervisor.virtiofsextraargs pod annotation. By injecting -o source=/ along with --no-announce-submounts a...

6.5CVSS6AI score0.00057EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

8.7CVSS5.8AI score0.00703EPSS
Exploits1References1
Snyk
Snyk
added 2026/05/26 6:40 p.m.9 views

Race Condition

Overview github.com/xyproto/algernon/engine is a Affected versions of this package are vulnerable to Race Condition. in the handle process due to the sync.RWMutex being released before L.Push and L.PCall execute. An attacker can cause Lua VM corruption or unpredictable server behavior by making...

8.2CVSS5.8AI score0.00182EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/26 6:40 p.m.8 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in the handle process due to the sync.RWMutex being released before L.Push and L.PCall execute. An attacker can cause Lua VM corruption or unpredictable server behavior by making concurrent requests that race on the share...

8.2CVSS5.8AI score0.00182EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 4:31 p.m.23 views

CVE-2026-43981

CVE-2026-43981 affects Algernon, a small self-contained Go web server. In versions prior to 1.17.6, a race condition exists in engine/luahandler.go: the sync.RWMutex protecting LoadCommonFunctions is released before L.Push() and L.PCall() execute. Since gopher-lua’s LState is not goroutine-safe, ...

8.2CVSS5.8AI score0.00182EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43297

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, in engine/luahandler.go, the sync.RWMutex protecting LoadCommonFunctions is released before L.Push and L.PCall execute. Since gopher-lua's LState is explicitly not goroutine-safe, concurrent requests race on the shared state...

8.2CVSS5.8AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

NVIDIA Display Driver 输入验证错误漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a vulnerability related to input validation errors. This vulnerability arises from improper input validation by users within the User Virtual Machine UVM, which may lead to denial-of-service...

7.1CVSS5.8AI score0.00162EPSS
Exploits0References3
CVE
CVE
added 2026/05/25 2:0 p.m.43 views

CVE-2026-47067

Affected software: hackney (Erlang HTTP client). Vulnerability description: The URL parser in src/hackney_url.erl converts every unrecognized URL scheme to a permanent BEAM atom via binary_to_atom/2. BEAM atoms are never garbage-collected, and the atom table maxes out at 1,048,576 entries. An att...

8.7CVSS5.8AI score0.00703EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/22 1:45 p.m.10 views

MAL-2026-4677 Malicious code in swift-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/22 1:21 p.m.8 views

OESA-2026-2424 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.3CVSS6AI score0.00161EPSS
Exploits7References8
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42732

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description Sandbox escape flaws in NodeVM allow unauthenticated remote code execution on the host server. The issue occurs because the dangerous builtin denylist in lib/builtin.js misses process and...

10CVSS6.5AI score0.00536EPSS
Exploits0References10
Rows per page
Query Builder