869 matches found
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
OESA-2023-1655 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.CVE-2020-13791 An issue was...
OESA-2023-1654 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.CVE-2020-13791 An issue was...
ac1ac71e247b43238.awsglobalaccelerator.com Open Redirect vulnerability OBB-3676451
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Design/Logic Flaw
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...
CVE-2023-40271
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...
CVE-2023-40271
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function...
CVE-2023-40271
Summary: CVE-2023-40271 describes a vulnerability in Trusted Firmware-M (TF-M) up to v1.8.0 where, on platforms using the CryptoCell PSA Driver with ChaCha20-Poly1305, the authentication tag verification performed by a single-part path compares only the first 4 bytes of the 16-byte tag. This inco...
The vulnerability of the TCG Accelerator component of the hardware emulation software QEMU allows a hacker to execute arbitrary code, increase their privileges, and perform denial-of-service attacks.
The vulnerability of the TCG Accelerator component of the hardware emulation software QEMU is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code, increase their privileges, and perform denial-of-service attacks...
SUSE CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
DEBIAN-CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
UBUNTU-CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
Code injection
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS...
PT-2023-4687 · Qemu +2 · Qemu +2
Name of the Vulnerable Software and Affected Versions: QEMU version 4.2.0 Description: An issue was discovered in the TCG Accelerator component of QEMU, related to the use of memory after it has been freed. This issue allows local attackers to execute arbitrary code, escalate privileges, and caus...
CVE-2020-24165
Technical details of CVE-2020-24165 are not provided in the supplied documents. No affected products, impact, or remediation specifics are disclosed here; monitor for updates from official advisories.
CVE-2020-24165
An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service DoS. Note: This is disputed as a bug and not a valid security issue by multiple third parties...
Security Bulletin: Mutiple Vulnerabilties Affecting IBM Watson Machine Learning Accelerator
Summary IBM Watson Machine Learning Accelerator 1.2.x is vulnerable to several vulnerabilities coming from dependent compoents. These are addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input...
Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics
Summary Eclipse Jetty is used in the solution's microservices bis, auth, analytics, cna as the engine of the HTTP server, underpinning APIs and UI. Several CVEs were found in the version used. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2021-28169 DESCRIPTION: Eclipse Jet...