4452 matches found
How to capture a full memory dump from a PVS target running on Azure
This article will cover the steps necessary to prepare an Azure VM running PVS to be able to capture a full memory dump...
Intel® Processors Post Invalidation RSB Advisory
Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26373 Description: Non-transparent sharing of return predictor targets...
CVE-2022-31609
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure...
UBUNTU-CVE-2022-31609
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure...
DEBIAN-CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
[SECURITY] Fedora 36 Update: xe-guest-utilities-latest-7.30.0-6.fc36
Scripts for monitoring XAPI project virtual machine. Writes distribution version information and IP address to XenStore. This package follows the latest version of xe-guest-utilities upstream...
CLSA-2022-1659018147 Fixed CVE-2021-22543 in kernel
KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22543...
Demo: Your data has been encrypted! Stopping ransomware attacks with Malwarebytes EDR
It’s no secret that ransomware is one of the most pressing cyber threats of our day. What worse, ransomware gangs have increased their attacks on a range of vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. With...
Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase ( CVE-2021-35578, CVE-2021-35603, CVE-2021-35550, CVE-2021-35561, CVE-2022-21299 )
Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in October 2021 and January 2022. Vulnerability Details CVEID:CVE-2021-35578 DESCRIPTION: An unspecifi...
The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, or delete data using the Oracle Net protoc...
[SECURITY] Fedora 35 Update: xe-guest-utilities-latest-7.30.0-4.fc35
Scripts for monitoring XAPI project virtual machine. Writes distribution version information and IP address to XenStore. This package follows the latest version of xe-guest-utilities upstream...
[SECURITY] Fedora 36 Update: xe-guest-utilities-latest-7.30.0-4.fc36
Scripts for monitoring XAPI project virtual machine. Writes distribution version information and IP address to XenStore. This package follows the latest version of xe-guest-utilities upstream...
Frontier 安全漏洞
Frontier is an EtherCompatible layer for Substrate. It is used to run unmodified Ethernet Dapps. Frontier suffers from a security vulnerability that stems from the truncation done during the conversion between EVM Balance Type and Substrate Balance Type being incorrectly implemented, resulting in...
The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain access to modify, add, or delete data, or cause the system to crash or fail in rare cases.
The vulnerability of the Core component in Oracle VM VirtualBox exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or cause the system to freeze or, in rare cases, crash...
Norimaci - Simple And Lightweight Malware Analysis Sandbox For macOS
"Norimaci" is a simple and lightweight malware analysis sandbox for macOS. This tool was inspired by "Noriben". Norimaci uses the features of OpenBSM or Monitor.app to monitor macOS system activity instead of Sysinternals Process Monitor procmon. Norimaci consists of 3 Python scripts. norimaci.py...
Malicious code in arm-sqlvirtualmachine (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14a2084b932667f6e52786faf8f2f0708155d56015177b79b6a9c7f8954a9d75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-21180
Improper input validation for some IntelR Processors may allow an authenticated user to potentially cause a denial of service via local access...
The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to cause partial service disruption.
The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a partial service failure using the Oracle Net network protocol...
PYSEC-2022-43053
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when a calling an external contract with no return value, the contract address including side effects could be evaluated twice. This may result in incorrect outcomes for contracts. This issue...