6.9

CVSS4.0

CVE-2025-29939 -

Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity.

πŸ“… Published: Feb. 10, 2026, 7:11 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

5.9

CVSS4.0

CVE-2024-21953 -

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.

πŸ“… Published: Feb. 10, 2026, 7:11 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

7.1

CVSS4.0

CVE-2025-29950 -

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

πŸ“… Published: Feb. 10, 2026, 7:10 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

5.9

CVSS4.0

CVE-2025-29952 -

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

πŸ“… Published: Feb. 10, 2026, 7:09 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

6.7

CVSS4.0

CVE-2025-52536 -

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.

πŸ“… Published: Feb. 10, 2026, 7:09 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

4.6

CVSS4.0

CVE-2025-48517 -

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

πŸ“… Published: Feb. 10, 2026, 7:08 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

5.9

CVSS4.0

CVE-2025-29948 -

Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.

πŸ“… Published: Feb. 10, 2026, 7:07 p.m. πŸ”„ Last Modified: Feb. 12, 2026, 11:19 a.m.

6.9

CVSS4.0

CVE-2026-2303 - Heap Out-of-Bounds Read in Go Driver GSSAPI C Wrappers enables application crash or information leak

The mongo-go-driver repositoryΒ contains CGo bindings for GSSAPI (Kerberos) authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not guar…

πŸ“… Published: Feb. 10, 2026, 7:03 p.m. πŸ”„ Last Modified: Feb. 11, 2026, 9:51 p.m.

6.9

CVSS4.0

CVE-2026-2302 - Unsafe Reflection in Mongoid::Criteria.from_hash

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code.

πŸ“… Published: Feb. 10, 2026, 6:59 p.m. πŸ”„ Last Modified: Feb. 10, 2026, 9:33 p.m.

10

CVSS3.1

CVE-2026-26009 - Catalyst Affected by Remote Code Execution as Root via Containerized Install Script Execution

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or containerization. Any user with template.create or te…

πŸ“… Published: Feb. 10, 2026, 6:58 p.m. πŸ”„ Last Modified: Feb. 10, 2026, 9:33 p.m.
Total resulsts: 332855
Page 73 of 33,286
Β« previous page Β» next page
Filters