DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660, Security Vulnerabilities
Fedora 21 : xen-4.4.1-9.fc21 (2014-15951)
Excessive checking in compatibility mode hypercall argument translation, Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor, fix segfaults and failures in xl migrate --debug Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on...
0.3AI Score
0.006EPSS
[SECURITY] Fedora 19 Update: xen-4.2.5-6.fc19
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...
2.1AI Score
0.006EPSS
[SECURITY] Fedora 20 Update: xen-4.3.3-6.fc20
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...
2.1AI Score
0.006EPSS
[SECURITY] Fedora 21 Update: xen-4.4.1-9.fc21
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...
2.1AI Score
0.006EPSS
6.7AI Score
0.006EPSS
6.7AI Score
0.006EPSS
6.7AI Score
0.006EPSS
6.7AI Score
0.006EPSS
Fedora 19 : xen-4.2.5-5.fc19 (2014-15503)
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...
0.5AI Score
0.006EPSS
Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...
0.5AI Score
0.006EPSS
[SECURITY] Fedora 20 Update: xen-4.3.3-5.fc20
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...
2.1AI Score
0.006EPSS
[SECURITY] Fedora 19 Update: xen-4.2.5-5.fc19
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...
2.1AI Score
0.006EPSS
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...
7.4AI Score
0.027EPSS
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...
7.5AI Score
0.027EPSS
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...
7.8AI Score
0.027EPSS
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...
7.4AI Score
0.027EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...
3.7AI Score
0.003EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...
6.2AI Score
0.003EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...
6.3AI Score
0.003EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...
6.8AI Score
0.003EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...
6AI Score
0.003EPSS
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. Bugs ...
2.4AI Score
0.003EPSS
Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Dell SonicWALL Global Management System (GMS) virtual appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the GMS ViewPoint (GMSVP) web...
7.2AI Score
0.027EPSS
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
ISSUE DESCRIPTION An error handling path in the processing of MMU_MACHPHYS_UPDATE failed to drop a page reference which was acquired in an earlier processing step. IMPACT Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack.....
6.2AI Score
0.003EPSS
SAP Document Management Services allows local users to execute arbitrary commands via unspecified...
7.2AI Score
0.0004EPSS
SAP Document Management Services allows local users to execute arbitrary commands via unspecified...
7.4AI Score
0.0004EPSS
SAP Document Management Services allows local users to execute arbitrary commands via unspecified...
7.7AI Score
0.0004EPSS
SAP Document Management Services allows local users to execute arbitrary commands via unspecified...
7.2AI Score
0.0004EPSS
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
This security advisory (SA) describes the impact of 9 OpenSSL vulnerabilities discovered in third-party software. (Vulnerability ID: HWPSIRT-2014-0816) These vulnerabilities are referenced in this document as follows: 1.Information leak in pretty printing functions (CVE-2014-3508). A flaw in...
1AI Score
0.928EPSS
Twitter Files Suit Over Government Restrictions on National Security Letter Data
Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free...
0.2AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x Remote Root/SYSTEM Exploit
No description provided by...
7.1AI Score
openSUSE Security Update : otrs (openSUSE-SU-2013:1338-1)
The ticket system OTRS was updated to 3.1.18 to fix various bugs and security issues. Update to 3.1.18 : OSA-2013-05, CVE-2013-4717, CVE-2013-4718 fixed. Fixed bug#9561 - ACL restriction with CustomerID for DynamicFields at new Ticket screen not working. Fixed bug#9425 - Wrong created...
8.8CVSS
-0.2AI Score
0.371EPSS
HP Printers Information Disclosure Vulnerability (Apr 2014, Heartbleed)
A potential security vulnerability has been identified in HP Officejet Pro X printers and in certain Officejet Pro printers running OpenSSL. This is the OpenSSL vulnerability known...
7.5CVSS
8.1AI Score
0.975EPSS
Potential Security Impact Remote disclosure of information VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP Officejet Pro X printers and in certain Officejet Pro printers running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" (CVE-2014-0160)...
7.5CVSS
1.8AI Score
0.975EPSS
Yokogawa CENTUM CS3000 'BKHOdeq.exe'栈缓冲区溢出漏洞
Bugtraq ID:66111 Yokogawa CENTUM CS3000是一款生产控制系统。 Yokogawa CENTUM CS3000 'BKHOdeq.exe'处理特制报文时存在一个基于栈的缓冲区溢出,允许攻击者利用漏洞提交特殊的请求可使应用程序崩溃或执行任意代码。 0 Yokogawa CENTUM CS 3000 R3.08.50 厂商补丁: Yokogawa 用户可联系厂商获得相应的升级或补丁程序:...
7.1AI Score
7.4AI Score
EPSS
Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow Vulnerability
This Metasploit module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKHOdeq.exe when handling specially crafted packets. This Metasploit module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3 and...
7.4AI Score
0.9AI Score
Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow
This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKHOdeq.exe when handling specially crafted packets. This module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3 and Windows 2003...
7.4AI Score
Threat Outbreak Alert: Fake Purchase Order Notification Email Messages on November 13, 2013
Medium Alert ID: 31769 First Published: 2013 November 14 17:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a purchase order notification for the recipient. The text in the email message attempts to convince the...
-0.1AI Score
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...
5AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...
5AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...
5AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...
5AI Score
0.003EPSS
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...
6.4AI Score
0.002EPSS