Lucene search
K

4461 matches found

Microsoft CVE
Microsoft CVE
added 2025/11/05 9:2 a.m.6 views

Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode

...

6.2CVSS7AI score0.00165EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/11/05 3:41 a.m.220 views

Exploit for CVE-2021-4773

CVE-2021-4773 this...

6.9AI score
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989116)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989116 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the...

7.1CVSS6.1AI score0.00259EPSS
Exploits0References4
OSV
OSV
added 2025/11/04 11:34 a.m.5 views

SUSE-SU-2025:3935-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208. -...

7.8CVSS6.7AI score0.00288EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2025/11/03 4:0 p.m.0 views

kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

5.5CVSS6.8AI score0.00219EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/31 12:30 p.m.4 views

EUVD-2025-37346

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS6.2AI score0.004EPSS
Exploits0References2
NVD
NVD
added 2025/10/31 12:15 p.m.8 views

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS0.004EPSS
Exploits0References3
OSV
OSV
added 2025/10/31 12:15 p.m.4 views

ALPINE-CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS6.8AI score0.004EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/10/31 11:50 a.m.4 views

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

7.5CVSS5.3AI score0.004EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/10/31 1:9 a.m.7 views

KVM: arm64: Prevent access to vCPU events before init

...

7AI score0.00183EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/10/30 2:21 p.m.6 views

USN-7850-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.1CVSS7.4AI score0.01325EPSS
Exploits0
NVD
NVD
added 2025/10/30 10:15 a.m.5 views

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

0.0017EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:48 a.m.27 views

CVE-2025-40102

CVE-2025-40102 affects the Linux kernel KVM/ARM64: an attacker could access vCPU events before a vCPU is initialized, leading to misinterpretation of uninitialized data and potential exception handling issues. The description and connected advisories (EulerOS kernel advisories) confirm this as a ...

6.6AI score0.00183EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 9:47 a.m.7 views

CVE-2025-40086 drm/xe: Don't allow evicting of BOs in same VM in array of VM binds

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

0.0017EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:47 a.m.16 views

CVE-2025-40086

CVE-2025-40086 affects the Linux kernel DRM XE path. An array of VM binds could evict other buffer objects (BOs) within the same VM, potentially causing NULL pointer dereferences in the bind pipeline. The fix clears the allow_res_evict flag in xe_bo_validate (and there was a follow‑up commit that...

6.5AI score0.0017EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/10/30 9:47 a.m.5 views

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

5.4AI score0.0017EPSS
Exploits0
OSV
OSV
added 2025/10/30 9:47 a.m.3 views

CVE-2025-40086 drm/xe: Don't allow evicting of BOs in same VM in array of VM binds

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

6.9AI score0.0017EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/10/30 12:25 a.m.5 views

SUSE CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

5.5CVSS6.4AI score0.00197EPSS
Exploits0References20
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/30 12:0 a.m.14 views

Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this...

7.8CVSS6.9AI score0.0788EPSS
In wildExploits3
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing BOs to be evicted in the same VM, potentially leading to null pointer dereferencing...

6.2AI score0.0017EPSS
Exploits0References3
Rows per page
Query Builder