4452 matches found
OpenJDK: segmentation fault in ciMethodBlocks
A vulnerability was found in OpenJDK. This issue occurs in the ciMethodBlocks::makeblockat function in OpenJDK HotSpot VM 8 11 and 17 are fixed starting from 11.0.17 and 17.0.5 respectively, and may allow an attacker to cause a denial of service...
Xen Security Vulnerabilities
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. Xen has a security vulnerability that ste...
Xen Security Vulnerabilities
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a security vulnerability that stems...
SUSE CVE-2023-34327
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
CVE-2023-36737
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability...
Important: Red Hat Security Advisory: virt:rhel security update
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as havin...
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers...
Security Bulletin: Multiple vulnerabilities in the GSKit builds affect IBM Rational ClearQuest
Summary There are multiple vulnerabilities in the GSKit, which are used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information,...
CVE-2023-22382 Improper Input Validation in Automotive
Weak configuration in Automotive while VM is processing a listener request from TEE...
Qualcomm Chip Security Breach
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a weak...
Qualcomm Chip Security Breach
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and are often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip that stems from improp...
PT-2023-18474 · Unknown · Automotive
Name of the Vulnerable Software and Affected Versions: Automotive affected versions not specified Description: The issue is related to a weak configuration in Automotive while the Virtual Machine VM is processing a listener request from the Trusted Execution Environment TEE. Recommendations: At t...
How to collect complete memory dump of a virtual machine on Nutanix AHV
To collect a complete memory dump of a virtual machine on Nutanix AHV...
RLSA-2023:5313 Important: open-vm-tools security update
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-20900 For...
RLSA-2023:5312 Important: open-vm-tools security update
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-20900 For...
AlmaLinux 8 : open-vm-tools (ALSA-2023:5312)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5312 advisory. - A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-...
Oracle Linux 8 : open-vm-tools (ELSA-2023-5312)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5312 advisory. 12.1.5-2.0.2.3 - Resolves: RHEL-4584 CVE-2023-20900 open-vm-tools: SAML token signature bypass Tenable has extracted the preceding description block directly fr...
open-vm-tools: SAML token signature bypass
An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been...
Important: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: open-vm-tools security update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...