Lucene search
K

322 matches found

FreeBSD
FreeBSD
added 2018/12/04 12:0 a.m.22 views

FreeBSD -- Insufficient bounds checking in bhyve(8) device model

Problem Description: Insufficient bounds checking in one of the device models provided by bhyve8 can permit a guest operating system to overwrite memory in the bhyve8 processing possibly permitting arbitary code execution. Impact: A guest OS using a firmware image can cause the bhyve process to...

6.1CVSS2.6AI score0.01325EPSS
Exploits0
OSV
OSV
added 2018/07/02 5:29 p.m.4 views

ALPINE-CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS6.7AI score0.02554EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/05/23 12:0 a.m.1 views

PT-2018-3906 · D Link · D-Link Dsl-3782

Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 version V100R001B012 Description: A flaw in the authentication mechanism of the Login Panel allows unauthenticated attackers to perform arbitrary modification to passwords and configurations while an administrator is logged in...

10CVSS9.6AI score0.13282EPSS
Exploits5References4
CNVD
CNVD
added 2018/05/11 12:0 a.m.3 views

Xen Denial of Service Vulnerability (CNVD-2018-09328)

Xen is an open source virtual machine monitor developed by the Xen Project. A denial of service vulnerability exists in 4.10.x and earlier versions of Xen. x86 HVM client OS users can attempt an invalid transition between requested states in the QEMU device model. An attacker can exploit this...

6.5CVSS6.4AI score0.00442EPSS
Exploits0References1
NVD
NVD
added 2018/05/10 10:29 p.m.20 views

CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

6.5CVSS6AI score0.00442EPSS
Exploits0References7
Prion
Prion
added 2018/05/10 10:29 p.m.33 views

Cross site request forgery (csrf)

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

4.9CVSS6.3AI score0.00442EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2018/05/10 10:29 p.m.22 views

CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

6.5CVSS6.4AI score
Exploits0References7
Cvelist
Cvelist
added 2018/05/10 10:0 p.m.32 views

CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

5.7AI score0.00442EPSS
Exploits0References7
Xen Project
Xen Project
added 2018/05/08 5:0 p.m.508 views

qemu may drive Xen into unbounded loop

ISSUE DESCRIPTION When Xen sends requests to a device model, the next expected action inside Xen is tracked using a state field. The requests themselves are placed in a memory page shared with the device model, so that the device model can communicate to Xen its progress on the request. The state...

6.5CVSS0.8AI score0.00442EPSS
Exploits0Affected Software1
0day.today
0day.today
added 2018/02/07 12:0 a.m.30 views

Vivotek IP Cameras - Remote Stack Overflow (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2018/02/03 12:0 a.m.32 views

FiberHome AN5506 Unauthenticated Remote DNS Change

FIBERHOME AN5506 Unauthenticated Remote DNS Change Vulnerability Software Version RP2617 Device Model AN5506-04-F Vendor Homepage: www.fiberhome.com/ Date: 01/02/2018 Exploit Author: r0ots3c http://wandoelmo.com.br https://www.facebook.com/wsec.info Description: Vulnerability exists in web...

7.1AI score
Exploits0
Prion
Prion
added 2018/01/12 5:29 p.m.26 views

Default credentials

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password...

5CVSS9.2AI score0.36627EPSS
Exploits5References2Affected Software1
Exploit DB
Exploit DB
added 2017/12/12 12:0 a.m.31 views

Vivotek IP Cameras - Remote Stack Overflow (PoC)

STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials needed Firmware Vulnerable: Only 2017 versions...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/11/23 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the Philips In.Sight B120/37 wireless video camera lies in the presence of pre-installed accounts, which allow a intruder to gain access to the device.

The vulnerability of the microprogrammed software of the Philips In.Sight B120/37 wireless video camera is related to the presence of preset user accounts for access via Telnet or UART accounts like “root”, “admin”, and “mg3500” with passwords “b120root”, “/ADMIN/”, and “merlin” respectively as...

10CVSS7.7AI score0.01566EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2017/11/06 8:29 a.m.3 views

CVE-2017-16565

Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...

8.8CVSS5.7AI score0.00494EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2017/03/28 12:0 a.m.56 views

Xen: Privilege Escalation

Background Xen is a bare-metal hypervisor. Description In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo fails to check wethehr the specified memory region is safe. Impact A local attacker could potentially execute arbitrary code with privileges of Xen QEMU process on...

9.9CVSS8.7AI score0.03559EPSS
Exploits0
Xen Project
Xen Project
added 2017/03/14 12:0 p.m.101 views

Cirrus VGA Heap overflow via display refresh

ISSUE DESCRIPTION When a graphics update command gets passed to the VGA emulator, there are 3 possible modes that can be used to update the display: blank - Clears the display text - Treats the display as showing text graph - Treats the display as showing graphics After the display geometry gets...

9.9CVSS7.6AI score0.04448EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2017/03/14 12:0 a.m.27 views

xen-tools -- Cirrus VGA Heap overflow via display refresh

The Xen Project reports: A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process...

9.9CVSS3.9AI score0.04448EPSS
Exploits0References1
OSV
OSV
added 2017/02/17 2:59 a.m.5 views

CVE-2016-9637

The 1 ioportread and 2 ioportwrite functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access...

7.5CVSS6.1AI score
Exploits0References7
OSV
OSV
added 2017/02/17 2:59 a.m.4 views

DEBIAN-CVE-2016-9637

The 1 ioportread and 2 ioportwrite functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access...

7.5CVSS9.1AI score0.00364EPSS
Exploits0References1
Rows per page
Query Builder