CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/11/11 6:30 p.m.•2 views

EUVD-2025-93529

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS6AI score0.00101EPSS

Exploits0References2

NVD•added 2025/11/11 5:15 p.m.•1 views

CVE-2025-20065

6.7CVSS0.00101EPSS

CVE•added 2025/11/11 4:49 p.m.•6 views

CVE-2025-20065

CVE-2025-20065 affects Intel Display Virtualization for Windows OS driver prior to version 1797. The Red Hat and NVD entries describe an uncontrolled search path in Ring 2 device drivers that could enable local privilege escalation for an authenticated, low-privilege user with high attack complex...

6.7CVSS6.1AI score0.00101EPSS

Vulnrichment•added 2025/11/11 4:49 p.m.•1 views

CVE-2025-20065

6.7CVSS6.1AI score0.00101EPSS

Cvelist•added 2025/11/11 4:49 p.m.•4 views

CVE-2025-20065

6.7CVSS0.00101EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•2 views

kernel: KVM: arm64: Tear down vGIC on failed vCPU creation

A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...

7.8CVSS5.8AI score0.00234EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•4 views

kernel: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8CVSS6.8AI score0.00195EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•4 views

kernel: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization guest/host mode behind CONFIGBROKEN Hide KVM's ptmode module param behind CONFIGBROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROKEN=y. There are myriad...

6.5CVSS6.8AI score0.00226EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•3 views

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

7.8CVSS7.1AI score0.00247EPSS

RedHat Linux•added 2025/11/11 8:21 a.m.•2 views

kernel: KVM: arm64: Tear down vGIC on failed vCPU creation

7.8CVSS5.8AI score0.00234EPSS

Microsoft CVE•added 2025/11/11 8:0 a.m.•5 views

Windows Hyper-V Information Disclosure Vulnerability

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally...

5.5CVSS5.1AI score0.0044EPSS

CNNVD•added 2025/11/11 12:0 a.m.•1 views

Intel Display Virtualization for Windows OS driver 代码问题漏洞

Intel Display Virtualization for Windows OS driver is a display virtualization driver from Intel Corporation USA. A code issue vulnerability exists in Intel Display Virtualization for Windows OS driver prior to version 1797, which stems from an uncontrolled search path in the device driver that...

6.7CVSS6.8AI score0.00101EPSS

Exploits0References2

Amd•added 2025/11/11 12:0 a.m.•12 views

Stale Translation Lookaside Buffer (TLB) Entry Vulnerability

Summary An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP Secure Encrypted Virtualization - Secure Nested Paging guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...

5.3CVSS6.6AI score0.00094EPSS

AlmaLinux•added 2025/11/11 12:0 a.m.•7 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

7.8CVSS7.3AI score0.00535EPSS

Exploits1References225

Intel•added 2025/11/11 12:0 a.m.•8 views

Display Virtualization for Windows OS Advisory

Summary: A potential security vulnerability in some Display Virtualization for Windows OS software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20065 Description: Uncontrolled search path fo...

6.7CVSS6.3AI score0.00101EPSS

Rosalinux•added 2025/11/10 12:23 p.m.•5 views

Advisory ROSA-SA-2025-3079

Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 CVE-ID: CVE-2019-16905 BDU-ID: 2021-03382 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the OpenSSH cryptographic security tool is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05039EPSS

Exploits3

Rosalinux•added 2025/11/10 6:27 a.m.•10 views

Advisory ROSA-SA-2025-3078

Software: openssh 8.0p1 OS: ROSA Virtualization 3.1 CVE-ID: CVE-2019-16905 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the OpenSSH cryptographic security tool is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to execute...

7.8CVSS10AI score0.05039EPSS

Exploits3

Rosalinux•added 2025/11/10 6:21 a.m.•9 views

Advisory ROSA-SA-2025-3067

Software: bzip2 1.0.6 OS: ROSA Virtualization 3.0 unaffected versions = bzip2-1.0.6-28.rv30 affected versions bzip2-1.0.6-28.rv30 CVE-ID: CVE-2019-12900 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BZ2decompress decompress.c function of the bzip2 data compression utility is related to...

9.8CVSS9.9AI score0.08042EPSS