5618 matches found
PT-2021-14670 · Jenkins · Jenkins Libvirt Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Libvirt Agents Plugin versions 1.9.0 and earlier. Description: A cross-site request forgery (CSRF) vulnerability allows attackers to stop hypervisor domains. This issue arises because the plugin does not require POST requests for a form...
Xen Security Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a security vulnerability that can be...
Driver Disk for Intel ixgbe 5.9.4 - For Citrix Hypervisor 8.2 LTSR
Who Should Install this Driver Disk? Customers running a Citrix Hypervisor 8.2 LTSR release who use Intel's ixgbe driver and wish to use the latest version of the following: Driver Module: ixgbe, Version: 5.9.4. Issues Resolved In this Driver Disk: Addresses a memory leak in the control domai...
PT-2021-3505 · Xen +2 · Xen +2
Name of the Vulnerable Software and Affected Versions: Xen (affected versions not specified). Description: The issue is related to the implementation of paravirtualization (PV) mode in the Xen hypervisor, specifically with the use of the Indirect Branch Restricted Speculation (IBRS) mechanism. This coul...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2021 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Applicatio...
UBUNTU-CVE-2021-28039
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...
Parallels Desktop Toolgate Integer Overflow Elevation of Privilege Vulnerability
Parallels Desktop is a virtual machine software that runs on Mac computers. A vulnerability in Parallels Desktop Toolgate, which lacks proper validation of user-supplied data, can be exploited by an attacker to escalate privileges and execute arbitrary code in the context of the hypervisor...
Parallels Desktop Toolgate Out-of-Bounds Access Elevation of Privilege Vulnerability
Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in Parallels Desktop Toolgate that stems from a lack of proper validation of user-supplied data, which could lead to memory corruption. An attacker can exploit the vulnerability to execute...
[SECURITY] Fedora 33 Update: xen-4.14.1-5.fc33
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 32 Update: xen-4.13.2-7.fc32
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Fedora: Security Advisory for xen (FEDORA-2021-4c819bf1ad)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for xen (FEDORA-2021-47f53a940a)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
USN-4752-1: Linux kernel (OEM) vulnerabilities
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...
The vulnerability of the OpenSLP service of the VMware ESXi hypervisor allows an attacker to execute arbitrary code.
The vulnerability of the OpenSLP supervisor in VMware ESXi is related to a buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Parallels Desktop Toolgate Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...
Parallels Desktop Toolgate Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...
Parallels Desktop Toolgate Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
Parallels Desktop Toolgate Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...
Parallels Desktop Toolgate Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...
FreeBSD-SA-21:06.xen
FreeBSD-SA-21:06.xen Security Advisory, The FreeBSD Project. Topic: Xen grant mapping error handling issues. Category: contrib. Module: xen. Announced: 2021-02-24. Credits: See...