12987 matches found
CVE-2026-20938
CVE-2026-20938 is a local elevation-of-privilege in Windows VBS Enclave caused by an untrusted pointer dereference. Affected: Windows 11 VBS Enclave implementations. Impact per sources: local privilege escalation with high confidentiality/integrity/availability impact (CVSS 7.8). Remediation: Mic...
CVE-2026-20938
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
CVE-2026-20938 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...
CVE-2026-20876
Heap-based buffer overflow in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
CVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...
CVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...
CVE-2026-20876
CVE-2026-20876 is a heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave that enables a locally authorized attacker to elevate privileges. The vulnerability targets the VBS Enclave component and can lead to total compromise of the host if exploited. Microsoft has publ...
CVE-2026-20819
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to disclose information locally...
CVE-2026-20819 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
...
CVE-2026-20819 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
...
CVE-2026-20819
CVE-2026-20819 is a local-information-disclosure vulnerability in Windows Virtualization-Based Security (VBS) Enclave. The root cause is an untrusted pointer dereference in the VBS Enclave, enabling an authorized attacker to disclose information locally. Public details identify affected Windows b...
CVE-2025-68810
In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...
Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to disclose information locally...
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an unauthorized attacker to disclose information locally...
CVE-2025-68810 KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Forces the legacy PCI hole to be mapped as UC when overriding MTRRs for TDX/SNP. When running as an SNP or TDX guest under KVM, the legacy PCI hole—that is, the memory between Top of Lower Usable DRAM and 4 GiB—is forced...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the virtio-net device in QEMU. When the RSS feature is enabled on the virtio-net network card, the indirectionstable data within RSS becomes controllable. Setting values that are excessively large may lead to an index out-of-bounds issue, potentially resulting in a heap...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do not recheck L1 intercepts when completing userspace I/O When completing emulation of instructions that generate a userspace exit for I/O, do not recheck L1 intercepts since KVM has already completed that phase of...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn’t valid Skip the WRMSR and HLT fastpaths in SVM’s VM-Exit handler if the next RIP isn’t valid, for example, because KVM is running with nrips=false. SVM must decode and...