Xen Security Vulnerability
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in all...
USN-5468-1 linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-intel-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux...
USN-5467-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux...
CVE-2022-29255
CVE-2022-29255 affects the Vyper smart contract language prior to 0.3.4, where calling an external contract with no return value could cause the contract address (including side effects) to be evaluated twice. This double evaluation could lead to incorrect outcomes in contracts. The issue has bee...
Exploit for CVE-2022-30190
MS-MSDT Follina CVE-2022-30190 PoC Malicious docx generator t...
OpenStack Nova Live migration fails to update persistent domain XML
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...
GHSA-C7W7-9C85-4QXV OpenStack Nova Live migration fails to update persistent domain XML
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...
Solana Rbpf Input Validation Error Vulnerability
Solana Rbpf is a Rust virtual machine and JIT compiler for eBPF programs from the Solana Foundation in Switzerland. A security vulnerability exists in Solana Rbpf versions prior to 0.2.29, which stems from an integer overflow problem. An attacker can exploit this vulnerability to cause a program ...
A vulnerability in the software registration process of Cisco Enterprise NFV Infrastructure Software (NFVIS) allows a perpetrator to execute arbitrary commands.
The vulnerability in the software registration process of Cisco Enterprise NFV Infrastructure Software (NFVIS) is related to a lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by installing a virtual machine with created metadata...
Ransom.Conti MVID-2022-0602 Code Execution
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/7ba20fce7ac259f6062f73290c2e28cf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...
Ransom.Conti MVID-2022-0603 Code Execution
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/6748dfe8e64dea2fc4c14691f7e766c6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...
Xtend Cross-Site Scripting Vulnerability
Xtend is a general-purpose high-level programming language for the Eclipse Foundation's Java Virtual Machine. Xtend Voice Logger version 1.0 has a security vulnerability that stems from a cross-site scripting vulnerability in the error page. An attacker can use the vulnerability to execute...
GHSA-784J-H234-M56X Protection Mechanism Failure in Jenkins Script Security Plugin
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM...
USN-5416-1 linux-oem-5.14 vulnerabilities
Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest VM could possibly use this to crash the host OS. (CVE-2022-1158) It was discovered that the implementation ...
CVE-2021-26339
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers...
AMD CPUs Security Vulnerability
AMD CPUs are a family of CPUs from AMD in the United States. A security vulnerability exists in AMD CPUs. An attacker exploits this vulnerability to trigger a CPU core hang using specific code from an unprivileged VM, leading to a potential denial of service...
A vulnerability in the Java VM component of the Oracle Database Server management system allows a hacker to gain access to modify, add, or delete data.
The vulnerability in the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete data through various network protocols...
PT-2022-9727 · Amd +1 · Amd Cpus +1
Name of the Vulnerable Software and Affected Versions: AMD CPU (affected versions not specified). Description: A bug in AMD CPU's core logic may allow an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang, resulting in a potential denial of service. The specific code...
kernel: iommu/amd: Fix I/O page table memory leak
In the Linux kernel, the following vulnerability has been resolved: "iommu/amd: Fix I/O page table memory leak". The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memory leak, and can be...
kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit...