Lucene search
+L

59 matches found

osv
osv
added 2020/12/15 6:15 p.m.1 views

ALPINE-CVE-2020-29481

An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes...

8.8CVSS6.3AI score0.00347EPSS
Exploits0References1
osv
osv
added 2020/10/16 11:15 p.m.1 views

CVE-2020-1243

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a...

7.8CVSS5.8AI score0.009EPSS
Exploits0References1
osv
osv
added 2020/09/11 5:15 p.m.2 views

CVE-2020-0904

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a...

6.5CVSS6.9AI score0.01235EPSS
Exploits0References1
osv
osv
added 2020/09/11 5:15 p.m.0 views

CVE-2020-0890

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a...

6.5CVSS6.9AI score0.02838EPSS
Exploits0References1
osv
osv
added 2020/04/14 1:15 p.m.3 views

DEBIAN-CVE-2020-11741

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenopr...

8.8CVSS8.3AI score0.00424EPSS
Exploits0References1
hackread
hackread
added 2020/04/01 11:35 a.m.41 views

Marriott hacked AGAIN – Millions of guests’ data accessed by hackers

By Waqas Marriott International has been hacked again and this time millions of customer data has been stolen just like in 2018. This is a post from HackRead.com Read the original post: Marriott hacked AGAIN - Millions of guests' data accessed by hackers...

3.8AI score
Exploits0
thn
thn
added 2020/03/31 2:0 p.m.3 views

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed...

5.8AI score
Exploits0
osv
osv
added 2020/02/11 10:15 p.m.3 views

CVE-2020-0751

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a...

6CVSS6.8AI score0.01393EPSS
Exploits0References1
virtuozzo
virtuozzo
added 2019/07/30 12:0 a.m.26 views

Product update: Virtuozzo 7.0 Update 11 (7.0.11-293)

The Update 11 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. It also introduces a new kernel 3.10.0-957.12.2.vz7.96.21. Vulnerability id: PSBM-82223 Under certain circumstances, a VM with IDE disks could crash or corrupt guest data during migration or snapsh...

6.8AI score
Exploits0
osv
osv
added 2019/07/26 1:15 a.m.5 views

CVE-2019-5604

In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...

9.6CVSS5.8AI score0.03094EPSS
Exploits0References3
thn
thn
added 2019/07/09 7:54 p.m.2 views

Marriott Faces $123 Million GDPR Fine Over Starwood Data Breach

After fining British Airways with a record fine of £183 million earlier this week, the UK's data privacy regulator is now planning to slap world's biggest hotel chain Marriott International with a £99 million $123 million fine under GDPR over 2014 data breach. This is the second major penalty...

6.4AI score
Exploits0
osv
osv
added 2018/12/07 9:29 p.m.4 views

CVE-2018-7079

Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly enforce authorization rules, which allows any authenticated administrative user to execute those operations regardless of privilege level. This could allow low-privileg...

7.2CVSS5.9AI score0.00941EPSS
Exploits0References1
osv
osv
added 2017/10/18 8:29 a.m.5 views

DEBIAN-CVE-2017-15589

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
osv
osv
added 2017/10/18 8:29 a.m.5 views

ALPINE-CVE-2017-15589

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
githubexploit
githubexploit
added 2017/09/25 8:42 p.m.4 views

Exploit for CVE-2017-10235

CVE-2017-10235: VirtualBox E1000 device buffer overflow In...

6.7CVSS8.1AI score0.00833EPSS
Exploits1
osv
osv
added 2016/04/13 3:59 p.m.2 views

DEBIAN-CVE-2015-8555

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors...

8.6CVSS8.1AI score0.02254EPSS
Exploits0References1
osv
osv
added 2016/04/13 3:59 p.m.4 views

UBUNTU-CVE-2015-8555

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors...

8.6CVSS7.2AI score0.02254EPSS
Exploits0References3
cnvd
cnvd
added 2015/03/05 12:0 a.m.6 views

Xen version information hypercall information disclosure vulnerability

Xen is an open source virtual machine. Xen has a security vulnerability that allows a malicious HVM Guest to read sensitive data from other Guests via version information hypercall...

2.1CVSS6.4AI score0.00466EPSS
Exploits0References1
redhat
redhat
added 2010/08/19 9:25 p.m.6 views

libspice: Relying on guest provided data structures to indicate memory allocation

libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...

6.6CVSS5.8AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder