
13007 matches found

Rosalinux
added 2024/07/09 1:0 p.m. | 16 views

Advisory ROSA-SA-2024-2449

Software: postgresql 12.1 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.1 CVE-ID: CVE-2020-1720 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability has been discovered in PostgreSQL "ALTER ... DEPENDS ON EXTENSION" where subcommands did not perform authorization checks. An...

CVSS 6.5 | AI score 7.8 | EPSS 0.01398
Exploits: 2
RedHat Linux
added 2024/07/09 12:54 p.m. | 21 views

Moderate: Red Hat Security Advisory: libvirt security update

An update for libvirt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 6.2 | AI score 6.9 | EPSS 0.00486
Exploits: 0 | References: 2
Rosalinux
added 2024/07/09 12:46 p.m. | 24 views

Advisory ROSA-SA-2024-2448

Software: pcre2 10.32 OS: ROSA Virtualization 2.1 packageevrstring: pcre2-10.32 CVE-ID: CVE-2022-1587 BDU-ID: 2023-02635 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pcre2_jit_compile.c function of the PCRE2 regular expression library is related to reading outside of the allowed data buffer...

CVSS 9.1 | AI score 7.1 | EPSS 0.02413
Exploits: 0
AlmaLinux
added 2024/07/09 12:0 a.m. | 52 views

Important: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

CVSS 7.8 | AI score 7.7 | EPSS 0.00333
Exploits: 0 | References: 4
OSV
added 2024/07/08 8:27 p.m. | 10 views

CLSA-2024-1720468480 kernel: Fix of 89 CVEs

kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1513 - wifi: mac80211: fix MBSSID parsing use-after-free CVE-2022-42719 - mac80211: always allocate struct ieee802_11_elems CVE-2022-42719 - netfilter: nf_tables: initialize registers in nft_do_chain...

CVSS 8.8 | AI score 7.1 | EPSS 0.16642
Exploits: 22 | References: 1
RedHat Linux
added 2024/07/08 2:38 p.m. | 19 views

Important: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.6 Advanced mission critical Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which...

CVSS 7.8 | AI score 7.1 | EPSS 0.00333
Exploits: 0 | References: 2
RedHat Linux
added 2024/07/08 2:5 a.m. | 4 views

kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

CVSS 6 | AI score 6.8 | EPSS 0.00234
Exploits: 0 | References: 4
OSV
added 2024/07/08 12:0 a.m. | 19 views

ALSA-2024:4351 Low: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

CVSS 6.2 | AI score 6.4 | EPSS 0.00486
Exploits: 0 | References: 4
Tenable Nessus
added 2024/07/08 12:0 a.m. | 21 views

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:4373)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4373 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...

CVSS 7.8 | AI score 7.4 | EPSS 0.00333
Exploits: 0 | References: 4
OSV
added 2024/07/05 7:15 a.m. | 2 views

DEBIAN-CVE-2024-39483

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling an NMI. KVM's ABI fo...

CVSS 5.5 | AI score 5.7 | EPSS 0.00211
Exploits: 0 | References: 1
SUSE CVE
added 2024/07/05 3:32 a.m. | 4 views

SUSE CVE-2024-6505

A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This...

CVSS 6 | AI score 6.8 | EPSS 0.0065
Exploits: 0 | References: 6
RedHat Linux
added 2024/07/02 7:54 p.m. | 18 views

Important: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...

CVSS 7.8 | AI score 7.1 | EPSS 0.00333
Exploits: 0 | References: 1
RedHat Linux
added 2024/07/02 3:0 p.m. | 21 views

Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.12.12 Images security update

Red Hat OpenShift Virtualization release 4.12.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which...

CVSS 6.5 | AI score 6.8 | EPSS 0.00556
Exploits: 1 | References: 4
Rockylinux
added 2024/07/02 2:11 p.m. | 11 views

qemu-kvm bug fix update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux...

AI score 7.2
Exploits: 0
RedHat Linux
added 2024/07/02 9:2 a.m. | 1 views

kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

CVSS 6 | AI score 6.8 | EPSS 0.00234
Exploits: 0 | References: 4
OSV
added 2024/07/02 12:0 a.m. | 18 views

ALSA-2024:4278 Important: qemu-kvm security update

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write (CVE-2024-4467)...

CVSS 7.8 | AI score 7.8 | EPSS 0.00333
Exploits: 0 | References: 4
AlmaLinux
added 2024/07/02 12:0 a.m. | 26 views

Important: qemu-kvm security update

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write (CVE-2024-4467)...

CVSS 7.8 | AI score 7.2 | EPSS 0.00333
Exploits: 0 | References: 4
Rosalinux
added 2024/07/01 2:8 p.m. | 47 views

Advisory ROSA-SA-2024-2440

Software: openssh 8.0p1 OS: ROSA Virtualization 2.1 packageevrstring: openssh-8.0p1 CVE-ID: CVE-2019-16905 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: OpenSSH, when compiled with an experimental key type, has an integer overflow before authentication if the client or server is configured to use a...

CVSS 7.8 | AI score 7.6 | EPSS 0.0217
Exploits: 2
Rosalinux
added 2024/07/01 2:4 p.m. | 51 views

Advisory ROSA-SA-2024-2439

Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46 CVE-ID: CVE-2020-25709 BDU-ID: 2022-00231 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the slapd server implementation of the OpenLDAP LDAP protocol is related to a flaw in the use of the assert function...

CVSS 9.8 | AI score 7.5 | EPSS 0.69899
Exploits: 1
Rosalinux
added 2024/06/27 10:51 a.m. | 38 views

Advisory ROSA-SA-2024-2438

Software: opencryptoki 3.14.0 OS: ROSA Virtualization 2.1 packageevrstring: opencryptoki-3.14.0 CVE-ID: CVE-2021-3798 BDU-ID: CVE-Crit: MEDIUM. CVE-DESC.: The openCryptoki software token does not check if the EC key is valid when the EC key is created with C_CreateObject and when C_DeriveKey is use...

CVSS 5.5 | AI score 6.8 | EPSS 0.00263
Exploits: 0