Lucene search
K

4461 matches found

CVE
CVE
added 2026/01/20 8:41 p.m.31 views

CVE-2025-55131

CVE-2025-55131 relates to Node.js buffer allocation in the vm module with timeout, which can expose uninitialized memory in buffers (Buffer.alloc and Uint8Array) under specific timing. Connected advisories confirm the issue affects multiple Node.js packages across distributions (examples: nodejs1...

7.1CVSS5.8AI score0.03493EPSS
Exploits0References20
AlpineLinux
AlpineLinux
added 2026/01/20 8:41 p.m.6 views

CVE-2025-55131

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...

7.1CVSS7.3AI score0.03493EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/20 2:46 p.m.3 views

open-vm-tools: Insecure file handling

A vulnerability was found in open-vm-tools. A malicious actor with non-administrative privileges on a guest virtual machine VM may tamper with the local files to trigger insecure file operations within that VM...

6.1CVSS5.7AI score0.00249EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.9 views

PT-2026-3722

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...

4.5CVSS5.3AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.5 views

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a company in the United States. This product is used for the unified management of the entire hardware and software system, from applications to disks, enabling virtualization from desktops to data centers. VM VirtualBox is o...

7.5CVSS7.1AI score0.00212EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : kernel-5.14.0-427.40.1.el9_4 (AXSA:2024-8938:33)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8938:33 advisory. kernel: Local information disclosure on IntelR AtomR processors CVE-2023-28746 kernel: netfilter: nftflowoffload: reset dst in route object after...

7.8CVSS7.1AI score0.00546EPSS
Exploits0References15
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.4 views

Static Detection of Core Structures in Tigress Virtualization-Based Obfuscation Using an LLVM Pass

Malware often uses obfuscation to hinder security analysis. Among these techniques, virtualization-based obfuscation is particularly strong because it protects programs by translating original instructions into attacker-defined virtual machine VM bytecode, producing long and complex code that is...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 4 : virt-v2v-0.8.3-5.0.1.AXS4 (AXSA:2012-50:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-50:01 advisory. virt-v2v is a tool for converting virtual machines to use the KVM hypervisor. It modifies both the virtual machine image and its associated libvirt metadata...

4.4CVSS5.7AI score0.00467EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001335 advisory. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by t...

8.8CVSS6.5AI score0.00413EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001588 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...

6.5CVSS6.2AI score0.00344EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004444 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

5.5CVSS6.4AI score0.00335EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001646 advisory. The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a writemmio stack-base...

6.5CVSS7AI score0.00451EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.491.AXS4.3 (AXSA:2016-614:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-614:03 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

5.5CVSS6.5AI score0.0052EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.479.AXS4.2 (AXSA:2015-518:06)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-518:06 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

7.2CVSS7.1AI score0.01046EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004242)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004242 advisory. An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the...

6.1CVSS7AI score0.00679EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001598 advisory. The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer...

5.5CVSS6.5AI score0.00326EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004477 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...

6.5CVSS6.2AI score0.00344EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001443 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

5.5CVSS6.4AI score0.00335EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002647 advisory. The preparevmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 control...

7.1CVSS6.8AI score0.00512EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002880)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002880 advisory. A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between...

7CVSS6.6AI score0.0033EPSS
Exploits0References16
Rows per page
Query Builder