38 matches found
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3631-1)
This update for xen fixes the following issues : bsc1178963 - stack corruption from XSA-346 change XSA-355 bsc1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - CVE-2020-27672: Race condition in Xen mapping code XSA-345 bsc1177413 -...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3050-1)
This update for xen fixes the following issues : bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 bsc1177413 - VUL-0: CVE-2020-27671: xen: undue deferra...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3049-1)
This update for xen fixes the following issues : bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 bsc1177413 - VUL-0: CVE-2020-27671: xen: undue deferra...
Fedora 31 : xen (2020-6dd36a716c)
revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 ---- x86: Race condition in Xen mapping code XSA-345 undue deferral of IOMMU TLB flushes XSA-346 unsafe AMD IOMMU page table updates XSA-347 No...
Fedora 33 : xen (2020-ec84c1565b)
revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 simplify grub scripts patches from Thierry Vignaud some fixes for gcc 11 Note that Tenable Network Security has extracted the preceding...
GE Healthcare Ultrasound products (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION : low attack complexity Vendor : GE Healthcare Equipment : Ultrasound Products Vulnerability : Protection Mechanism Failure, Incorrect User Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...
[SECURITY] Fedora 30 Update: dosbox-0.74.3-2.fc30
DOSBox is a DOS-emulator using SDL for easy portability to different platforms. DOSBox has already been ported to several different platforms, such as Windows, BeOS, Linux, Mac OS X... DOSBox emulates a 286/386 realmode CPU, Directory FileSystem/XMS/EMS, a SoundBlaster card for excellent sound...
SPIP CMS 2.x / 3.x Add Administrator / File Upload
Exploit Title : Spip CMS 2.x/3.x Add Administrator Account & Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Published Date : 26/03/2019 First Discovered Date : 2013 - 2014 Vendor Homepage : spip.net Software Download Links :...
Security Bulletin: Vulnerability with Java Portlet Specification JSR 286 may affect WebSphere Application Server (CVE-2015-1926)
Summary There has been a change to the Java Portlet Specification 2.0 JSR 286 that may affect some configurations of WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-1926 DESCRIPTION: The Java Portlet Specification JSR 286 API jar file code could allow a remote attacker to obta...
LAquis SCADA 4.1.0.2385 - Directory Traversal Exploit
Exploit for multiple platform in category remote exploits require 'msf/core' class MetasploitModule 'LAquis SCADA Web Server Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal vulnerability found in the LAquis SCADA application. The...
Sophos HitmanPro.Alert solution and Sophos Clean SurfRight HitmanPro security vulnerabilities
Sophos HitmanPro.Alert solution and Sophos Clean are both virus protection software from Sophos UK.SurfRight HitmanPro is one of the malware scanning tools available. A security vulnerability exists in versions prior to SurfRight HitmanPro 3.7.20 Build 286 in Sophos HitmanPro.Alert solution and...
CVE-2017-7441
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean, a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical informatio...
ISO Tolerances (DIN ISO 286-1) - Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application ISO Tolerances DIN ISO 286-1 published at the 'play' market has multiple vulnerabilities...
Amazon Linux: Security Advisory (ALAS-2014-286)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Prolink PRN2001 - Multiple Vulnerabilities
Prolink PRN2001 - Multiple Vulnerabilities Exploit Title: Prolink PRN2001 Multiple Vulnerabilities 1. -Advisory Information- Title: Prolink PRN2001 Multiple Vulnerabilities Firmware: Ver 1.2 Firmware URL: http://www.prolink2u.com/download/fw/fwPRN2001V1.220130323.zip Vendor Homepage:...
CVE-2012-4464
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the 1 exctos or 2 nameerrtos API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...
CVE-2012-4464
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the 1 exctos or 2 nameerrtos API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...
Medium: ruby
Issue Overview: Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the nameerrmesgtostr API function, which marks the string as tainted, a different...