Design/Logic Flaw
DISPUTED An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB...
ZOHO ManageEngine Device Control Plus Security Vulnerability
ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15 that originates from the...
CVE-2022-47577
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions b...
PT-2022-17597 · Safe-Eval · Safe-Eval
Name of the Vulnerable Software and Affected Versions: safe-eval versions all Description: The issue allows an attacker to add or modify properties of the Object.prototype through Prototype Pollution when using the function safeEval. This is due to the function's use of the vm variable, enabling ...
December 20, 2022—KB5022554 (OS Build 17763.3772) Out-of-band
December 20, 2022—KB5022554 OS Build 17763.3772 Out-of-band 10/11/22 REMINDER As of September 20, 2022, there are no more optional, non-security preview releases for the 2019 LTSC editions and Windows Server 2019. Only cumulative monthly security updates known as the "B" or Update Tuesday release...
December 20, 2022—KB5022553 (OS Build 20348.1368) Out-of-band
December 20, 2022—KB5022553 OS Build 20348.1368 Out-of-band 12/22/22 IMPORTANT After November 22, 2022, there are no more optional, non-security preview releases for Windows Server 2022. Only cumulative monthly security updates known as the "B" or Update Tuesday release will continue for Windows...
PT-2022-7140 · Zoho · Zoho Manageengine Device Control Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Device Control Plus version 10.1.2228.15 Description: An issue in the endpoint protection agent of Zoho ManageEngine Device Control Plus allows bypassing USB restrictions by using a virtual machine (VM), enabling file exchange...
CVE-2022-31705
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESX...
PT-2022-7634 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a swiotlb bounce buffer leak in confidential VMs. The storvsc_queuecommand() function maps the scatter/gather list using scsi_dma_map(), which allocates swiotlb...
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB)...
kernel: KVM: VMX: Prevent RSB underflow before vmenter
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter. On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's...
CVE-2022-23523
In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...
CVE-2022-23523 rust-vmm linux-loader vulnerable to Out-of-bounds Read
In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the linux-loader crate entering an infinite loop if...
CVE-2022-23523
CVE-2022-23523 affects rust-vmm/linux-loader. In versions before 0.8.1, the loader uses offsets/sizes from ELF headers to locate data. If an ELF header is crafted so these offsets point beyond the file end, Virtual Machine Monitors loading kernels with linux-loader could enter an infinite loop. T...
PT-2022-5844 · Vmware · Vmware Esxi +2
Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion (affected versions not specified) Description: A heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI) allows a malicious actor with local administrative privileges on a virtual machine to...
GHSA-52H2-M2CF-9JH6 linux-loader reading beyond EOF could lead to infinite loop
Impact The linux-loader crate used the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets pointed beyond the end of the file this could lead to an infinite loop. Virtual Machine Monitors using the linux-loader crate could enter an infinite loop i...
linux-loader reading beyond EOF could lead to infinite loop
Impact The linux-loader crate used the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets pointed beyond the end of the file this could lead to an infinite loop. Virtual Machine Monitors using the linux-loader crate could enter an infinite loop i...