
4452 matches found

IBM Security Bulletins
added 2023/01/31 1:55 p.m. · 75 views

Security Bulletin: A vulnerability in the IBM Java Runtime affects IBM Rational ClearCase (CVE-2022-21626)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in Oct 2022 - Includes Oracle October 2022 CPU Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION:...

5.3 CVSS · 5.9 AI score · 0.01746 EPSS
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2023/01/31 12:0 a.m. · 2 views

PT-2023-34736 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue concerns the use of threaded irqs instead of tasklets in the VMCI. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

7.2 AI score
Exploits: 0 · References: 1

BDU FSTEC
added 2023/01/31 12:0 a.m. · 3 views

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to induce a service failure.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.3 CVSS · 6.3 AI score · 0.01836 EPSS
Exploits: 0 · References: 10 · Affected Software: 13

OSV
added 2023/01/26 10:15 p.m. · 1 views

DEBIAN-CVE-2022-47951

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...

5.7 CVSS · 6.5 AI score · 0.01025 EPSS
Exploits: 1 · References: 1

RedHat Linux
added 2023/01/24 2:44 p.m. · 4 views

hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions

A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...

5.5 CVSS · 6.5 AI score · 0.0035 EPSS
Exploits: 0 · References: 6

CNNVD
added 2023/01/24 12:0 a.m. · 47 views

OpenStack Path Traversal Vulnerability

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack Cinder, glance, and nova, which stems from the fact that by providing a specially created VMDK flat image that references the path to a specific...

5.7 CVSS · 6.8 AI score · 0.01025 EPSS
Exploits: 1 · References: 22

OSV
added 2023/01/23 8:27 a.m. · 54 views

RLSA-2023:0194 Moderate: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742 CVE-2023-21843 Fo...

5.3 CVSS · 6 AI score · 0.01836 EPSS
Exploits: 0 · References: 5

OSV
added 2023/01/18 12:15 a.m. · 2 views

CVE-2022-39429

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of...

4.3 CVSS · 5.8 AI score · 0.00561 EPSS
Exploits: 0 · References: 1

Microsoft CVE
added 2023/01/14 8:0 a.m. · 3 views

Speculative execution attacks in KVM VMX

...

8.8 CVSS · 6.8 AI score · 0.00285 EPSS
Exploits: 0

OSV
added 2023/01/11 8:15 a.m. · 3 views

CVE-2021-26403

Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality...

6.5 CVSS · 5.8 AI score · 0.00122 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2023/01/10 12:0 a.m. · 4 views

PT-2023-1484 · Amd · Amd Secure Encrypted Virtualization

Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to insufficient input validation in the implementation of AMD Secure Encrypted Virtualization SEV microcode in AMD processors. This coul...

6.5 CVSS · 6.7 AI score · 0.00122 EPSS
Exploits: 0 · References: 6

OSV
added 2023/01/09 11:15 a.m. · 2 views

UBUNTU-CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...

8.8 CVSS · 7.1 AI score · 0.00285 EPSS
Exploits: 0 · References: 15

Positive Technologies
added 2023/01/01 12:0 a.m. · 3 views

PT-2025-37700

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc4 Description: The Linux kernel contains a flaw in the VMCI subsystem where a call to get user pages fast in vmci host setup notify can return a NULL value for context-notify page, leading to a general...

6 AI score · 0.00139 EPSS
Exploits: 0 · References: 13

CNNVD
added 2022/12/30 12:0 a.m. · 2 views

NVIDIA vGPU Display Driver Security Vulnerability

The NVIDIA GPU Display Driver is an American NVIDIA driver for interactive support of graphics card display modules in operating systems. A security vulnerability exists in the NVIDIA vGPU Display Driver that originates in the D-Bus configuration file, where an unauthorized user in a guest VM can...

7.8 CVSS · 7.4 AI score · 0.00255 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2022/12/29 12:0 a.m. · 2 views

PT-2025-18797

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-rc7+ Description: A NULL pointer dereference bug has been identified in the Linux kernel, specifically in the KVM Kernel-based Virtual Machine module. The issue arises when the kvm init function is called...

5.5 CVSS · 5.7 AI score · 0.00169 EPSS
Exploits: 0 · References: 21

hivepro
added 2022/12/27 7:0 a.m. · 15 views

GuLoader’s Advanced Anti-Analysis Techniques

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GuLoader is an advanced malware downloader that uses polymorphic shellcode to bypass traditional security solutions. In GuLoader, all embedded DJB2 hash values are mapped against every API used by the...

0.8 AI score
Exploits: 0

CNVD
added 2022/12/26 12:0 a.m. · 18 views

Unspecified Vulnerability in ZOHO ManageEngine Device Control Plus

ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15 that originates from the...

7.8 CVSS · 7.2 AI score · 0.01124 EPSS
Exploits: 1 · References: 1

OSV
added 2022/12/20 4:15 a.m. · 3 views

CVE-2022-47577

An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions b...

7.8 CVSS · 5.8 AI score · 0.01124 EPSS
Exploits: 1 · References: 2

ATTACKERKB
added 2022/12/20 4:15 a.m. · 3 views

CVE-2022-47577

An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions b...

7.8 CVSS · 7.1 AI score · 0.01124 EPSS
Exploits: 1 · References: 3

NVD
added 2022/12/20 4:15 a.m. · 26 views

CVE-2022-47577

An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions b...

7.8 CVSS · 0.01124 EPSS
Exploits: 1 · References: 2