Open redirect

A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall...

UBUNTU-CVE-2021-4024

A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall...

CVE-2021-4024

CVE-2021-4024 affects Podman: the podman machine function launches gvproxy on the host, exposing an API on port 7777 bound to all IPs. If the host firewall allows this, an attacker could forward ports from the host to the VM, potentially exposing private VM services or disrupting host services. C...

Explanation of what Java API is ❓ Types. Examples

When the two most viable and essential application/software development comes together, programmers are allowed to have unmatched functionality. Java API Application Programming Interface is the perfect example of how to attain this. Acknowledged as a crucial entity for internal and open...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4ShellCVE-2021-44228 Demo !demo-scenariosimages/demo-...

Low: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

PT-2024-7106 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the KVM Kernel-based Virtual Machine component of the Linux kernel, specifically with the x86/mmu Memory Management Unit module. The problem arises when the...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228Log4Shell Test source code for Log4ShellCVE-2...

UBUNTU-CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

IBM PowerVM Hypervisor Denial of Service Vulnerability

IBM PowerVM Hypervisor is an application from IBM USA, Inc. provides a secure and scalable virtualization environment for applications built on the advanced RAS capabilities and leading performance of the Power Systems platform.A denial-of-service vulnerability exists in IBM PowerVM Hypervisor th...

CVE-2021-26340

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer TLB resulting in unexpected behavior inside the virtual machine VM...

CVE-2021-26340

CVE-2021-26340 is a published vulnerability affecting AMD SEV/SEV-ES environments. A malicious hypervisor with an unprivileged attacker process inside a guest VM may fail to flush the TLB, causing unexpected VM behavior and potential loss of integrity and confidentiality. Affected products includ...

AMD EPYC Embedded Processors 安全漏洞

AMD EPYC is an x86 server microprocessor product line from AMD, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC Embedded Processors, where an unprivileged process executed by a malicious hypervisor in a VM could maliciously take...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from IBM USA, Inc. provides a secure and scalable virtualization environment for applications built on the advanced RAS capabilities and leading performance of the Power Systems platform.A denial-of-service vulnerability exists in IBM PowerVM Hypervisor th...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from Universal Business Machines IBM, Inc. provides a secure and scalable virtualization environment for applications that are built on the advanced RAS capabilities and leading performance of the Power Systems platform.A security vulnerability exists in I...

Qualcomm SDX55和QCA6390 访问控制错误漏洞

The Qualcomm SDX55 and QCA6390 are both products of Qualcomm Incorporated.The SDX55 is a modem.The QCA6390 is a central processing unit CPU product. The Access Control Error vulnerability exists in multiple Qualcomm products and stems from improper privilege masking in the products, which allows ...

UBUNTU-CVE-2021-43415

HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1...

USN-5165-1 linux-oem-5.14 vulnerabilities

It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface NCI implementation. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3760 It was discovered...

CVE-2021-4024

A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall...

Exploit for Path Traversal in Microsoft

CVE-2021-40444 PoC Malicious docx generator to exploit CVE-20...