CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2021/12/10 6:15 p.m.•14 views

Design/Logic Flaw

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...

6.8CVSS6.2AI score0.00952EPSS

Prion•added 2021/12/10 6:15 p.m.•11 views

Code injection

9.4CVSS8.7AI score0.01476EPSS

CVE•added 2021/12/10 5:50 p.m.•40 views

CVE-2021-38937

IBM PowerVM Hypervisor CVE-2021-38937 affects FW940, FW950, and FW1010. An authenticated user can trigger a specially crafted IBMi Hypervisor call to crash the system. Remediation is to upgrade to FW940.50(940_095), FW950.30(950_092), FW1010.01(1010_69) or newer. Affected Power VM Hypervisor vers...

6.8CVSS6.2AI score0.00952EPSS

Cvelist•added 2021/12/10 5:50 p.m.•13 views

CVE-2021-38937

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...

6.3CVSS6.3AI score0.00952EPSS

CVE•added 2021/12/10 5:50 p.m.•53 views

CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 are vulnerable to an access-control flaw that allows an attacker who gains service access to the FSP to read and write arbitrary host memory via crafted service procedures. Impact: high confidentiality and integrity, no availability impact. Affected ...

9.4CVSS8.6AI score0.01476EPSS

Cvelist•added 2021/12/10 5:50 p.m.•14 views

CVE-2021-38917

7.4CVSS8.6AI score0.01476EPSS

IBM Security Bulletins•added 2021/12/10 3:47 a.m.•22 views

Security Bulletin: The PowerVM hypervisor can violate the isolation between peer VMs in certain scenarios

Summary A specific sequence of VM management operations from the management console HMC, Novalink, or PowerVC can lead to a violation of the isolation between peer VMs. Vulnerability Details CVEID: CVE-2021-38918 DESCRIPTION: IBM PowerVM Hypervisor through a specific sequence of VM management...

8.6CVSS7AI score0.0121EPSS

CNNVD•added 2021/12/10 12:0 a.m.•3 views

AMD EPYC Embedded Processors 安全漏洞

AMD EPYC is an x86 server microprocessor product line from AMD, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC Embedded Processors, where an unprivileged process executed by a malicious hypervisor in a VM could maliciously take...

8.4CVSS7.8AI score0.00239EPSS

IBM Security Bulletins•added 2021/12/09 9:20 p.m.•16 views

Security Bulletin: The PowerVM hypervisor is vulnerable to a carefully crafted IBMi hypervisor call that can lead to a system crash

Summary The PowerVM hypervisor is vulnerable to a carefully crafted IBMi hypervisor call that can lead to a system crash Vulnerability Details CVEID: CVE-2021-38937 DESCRIPTION: IBM PowerVM Hypervisor could allow an authenticated user to cause the system to crash using a specially crafted IBMi...

6.8CVSS6AI score0.00952EPSS

IBM Security Bulletins•added 2021/12/09 9:17 p.m.•15 views

Security Bulletin: The PowerVM hypervisor can allow an attacker that gains service access to the FSP to read and write system memory

Summary On PowerVM systems an attacker that gains service access to the FSP can read and write system memory through a series of carefully crafted service procedures Vulnerability Details CVEID: CVE-2021-38917 DESCRIPTION: IBM PowerVM Hypervisor could allow an attacker that gains service access t...

9.4CVSS8.5AI score0.01476EPSS

Fedora•added 2021/12/09 1:35 a.m.•30 views

[SECURITY] Fedora 34 Update: xen-4.14.3-3.fc34

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

2.1AI score0.0206EPSS

CNNVD•added 2021/12/09 12:0 a.m.•2 views

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from IBM USA, Inc. provides a secure and scalable virtualization environment for applications built on the advanced RAS capabilities and leading performance of the Power Systems platform.A denial-of-service vulnerability exists in IBM PowerVM Hypervisor th...

6.8CVSS5.7AI score0.00952EPSS

Exploits0References4

CNNVD•added 2021/12/09 12:0 a.m.•3 views

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from Universal Business Machines IBM, Inc. provides a secure and scalable virtualization environment for applications that are built on the advanced RAS capabilities and leading performance of the Power Systems platform.A security vulnerability exists in I...

8.6CVSS5.5AI score0.0121EPSS

Exploits0References3

OpenVAS•added 2021/12/09 12:0 a.m.•20 views

Fedora: Security Advisory for xen (FEDORA-2021-2b3a2de94f)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.3AI score0.0206EPSS

OSV•added 2021/12/07 12:15 p.m.•3 views

ALPINE-CVE-2021-28703

grant table v2 status pages may remain accessible after de-allocation take two Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated whe...

7CVSS6.9AI score0.00305EPSS

Exploits0References1

AlpineLinux•added 2021/12/07 12:15 p.m.•26 views

CVE-2021-28703

7CVSS0.4AI score0.00305EPSS

CVE•added 2021/12/07 12:0 a.m.•71 views

CVE-2021-28703

CVE-2021-28703 describes a Xen hypervisor issue where grant table v2 status pages could remain accessible after de-allocation due to race conditions in guest mappings. The hypervisor tracks only a single use in guest space, so concurrent mapping requests could cause a page to be mapped in multipl...

7CVSS7AI score0.00305EPSS

Debian CVE•added 2021/12/07 12:0 a.m.•20 views

CVE-2021-28703

7CVSS0.4AI score0.00305EPSS