20 matches found
SUSE SLES11 Security Update : tomcat6 (SUSE-SU-2020:14375-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14375-1 advisory. - The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escapi...
SUSE: Security Advisory (SUSE-SU-2020:2770-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:2767-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:2768-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : spdk (EulerOS-SA-2021-1528)
According to the versions of the spdk package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of...
Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2021-1241)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : spdk (EulerOS-SA-2021-1043)
According to the versions of the spdk package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copydata functio...
SUSE SLED15 / SLES15 Security Update : dpdk (SUSE-SU-2020:2770-1)
This update for dpdk fixes the following issues : dpdk was updated to 19.11.4 CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-1 4378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading host...
SUSE SLES15 Security Update : dpdk (SUSE-SU-2020:2769-1)
This update for dpdk fixes the following issues : dpdk was updated to 18.11.9. For a list of fixes check : CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-1 4378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in...
phpLDAPadmin < 1.2.5 Multiple XSS Vulnerabilities - Linux
phpLDAPadmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLDAPadmin < 1.2.5 Multiple XSS Vulnerabilities - Windows
phpLDAPadmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2020-2308)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : dpdk (openSUSE-2020-1599)
This update for dpdk fixes the following issues : - dpdk was updated to 19.11.4 - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14 377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading...
openSUSE: Security Advisory for dpdk (openSUSE-SU-2020:1593-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-14375
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...
CVE-2020-14375
CVE-2020-14374 to CVE-2020-14378 affect dpdk before 18.11.10 and before 19.11.5. The issues enable memory corruption/over-reads in vhost_crypto paths and related bounds checks (copy_data, move_desc, and Virtio ring descriptors). In a VM, an attacker can read/write host memory, impacting confident...
CVE-2018-14375
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
UBUNTU-CVE-2018-14375
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2018-14375
CVE-2018-14375 is rejected/not used; this entry does not represent an active vulnerability.
CVE-2017-14375
EMC CVE-2017-14375 is an authentication bypass vulnerability affecting multiple EMC appliances: Unisphere for VMAX Virtual Appliance vApp Manager, Solutions Enabler Virtual Appliance, VASA Provider Virtual Appliance, and VMAX eManagement. Affected versions (per sources) are: Unisphere vApp before...