CVE-2021-31430

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-31429

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-31427

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-31423

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure (CVE-2021-31423) affects Parallels Desktop 15.1.5-47309. The flaw is in the Toolgate component and stems from failure to properly initialize memory before access, allowing a local attacker who can execute high-privilege code o...

CVE-2021-31423

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-31422

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-31421

This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

CVE-2021-31418

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

Xen Xenstore Use-After-Free DoS (XSA-325)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest...

Xen oxenstored Bad Permissions (XSA-353)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a bad permissions issue. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately...

Xen IRQ Vector Leak DoS (XSA-360)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service DoS vulnerability. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X...

Xen Missing Alignment Check DoS (XSA-327)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOPregistervcpuinfo. The hypercall VCPUOPregistervcpuinfo is used by a guest to...

Xen Inverted Conditional DoS (XSA-319)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference ...

Xen Paging Tables Race Condition (XSA-328)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, X...

Xen Speculative Side Channel Information Disclosure (XSA-320)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue. Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via loca...

(Pwn2Own) Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Xen x86 Race Condition Use-After-Free (XSA-345)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-fr...

Hotfix XS82E023 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| None Content live patchable| No Baselines for Live Patch| N/A Revision History| Published on Apr 27, 2021...

The vulnerability of the Hyper-V hardware virtualization system for Microsoft Windows operating systems allows a hacker to circumvent existing security restrictions.

The vulnerability of the Hyper-V hardware virtualization technology in Microsoft Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to circumvent existing security restrictions through the configuration of Router Guard...

Oracle VirtualBox VMSVGA Numeric Truncation Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...