30 matches found
CVE-2026-26357
Dell Unisphere for PowerMax, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or...
CVE-2022-26357
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...
CVE-2025-26357
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...
CVE-2025-26357
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...
CVE-2025-26357
CVE-2025-26357 affects Q-Free MaxTime (Maxtime) prior to 2.11.0. A Path Traversal in maxtime/api/database/database.lua allows an authenticated remote attacker to read sensitive files via crafted HTTP requests. Impact is read access to sensitive files; no exploitation details beyond that are provi...
CVE-2025-26357
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...
SUSE CVE-2022-26357
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...
CVE-2021-26357
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
SUSE: Security Advisory (SUSE-SU-2022:2158-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for xen (SUSE-SU-2022:1506-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OracleVM 3.4 : xen (OVMSA-2022-0012)
The remote OracleVM system is missing necessary patches to address security updates: - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dir...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2022:1506-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1506-1 advisory. - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode...
SUSE: Security Advisory (SUSE-SU-2022:1505-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for xen (FEDORA-2022-64b2c02d29)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:1506-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2022:1408-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1408-1 advisory. - LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. CVE-2021-26401 - Non-transparent sharing...
SUSE SLES12 Security Update : xen (SUSE-SU-2022:1375-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1375-1 advisory. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in...
SUSE: Security Advisory (SUSE-SU-2022:1375-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:1300-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : xen (SUSE-SU-2022:1300-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1300-1 advisory. - LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. CVE-2021-26401 - Non-transparent sharing...