4452 matches found
Parallels Desktop IDE Heap Buffer Overflow Elevation of Privilege Vulnerability
Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in the IDE virtual appliance in Parallels Desktop version 15.1.5-47309. The vulnerability stems from not properly validating the length of user-supplied data before copying it to a...
Parallels Desktop IDE Out-of-Bounds Read Information Disclosure Vulnerability (CNVD-2021-34192)
Parallels Desktop is a virtual machine software that runs on Mac computers. An information disclosure vulnerability exists in the IDE virtual appliance in Parallels Desktop version 15.1.5-47309. The vulnerability stems from a lack of proper validation of user-supplied data. A local attacker could...
awesome-virtualization
It is an offensive tool for virtualization. The repository contains a curated list of awesome resources about virtualization, including books, courses, and papers on the topic. The resources cover various aspects of virtualization, including software and hardware techniques, virtual machine...
CVE-2021-2234
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM...
Oracle Database Server Input Validation Error Vulnerability (CNVD-2021-33861)
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server suffers from an input validation error vulnerability that...
Oracle VM VirtualBox Input Validation Error Vulnerability (CNVD-2021-30041)
Oracle VM VirtualBox is a virtual machine management software from Oracle. Oracle VM VirtualBox suffers from an input validation error vulnerability that stems from an input validation error in the core components of Oracle VM VirtualBox. No detailed vulnerability details are provided at this tim...
Oracle Database Server 输入验证错误漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server suffers from an input validation error vulnerability that...
PT-2021-8008 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the KVM Kernel-based Virtual Machine subsystem in the Linux kernel. It involves a problem with the kvm io bus unregister dev function, which can lead to a delet...
CVE-2020-36310
A flaw was found in the Linux kernel. A nested page fault is created when an address does not have a memslot associated to it. The highest threat from this vulnerability is to system availability. This flaw can be triggered using a malformed Virtual Machine. When triggered this bug will lead to t...
The vulnerabilities in the arch/s390/kvm/kvm-s390.c component, include/linux/kvm_host.h, and virt/kvm/kvm_main.c files of the Kernel-Based Virtual Machine (KVM) virtualization subsystem in Linux operating systems allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the arch/s390/kvm/kvm-s390.c component, include/linux/kvmhost.h, and virt/kvm/kvmmain.c file in the KVM virtualization subsystem of Linux operating systems is due to a buffer overflow issue. Exploiting this vulnerability could allow an attacker to compromise the...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in versions of Linux kernel prior to 5.7, which stems from the KVM subsystem allowing out-of-scope access after deletion. No...
Linux kernel 安全漏洞
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in arch/x86/kvm/svm/sev.c in Linux kernel versions prior to 5.9. An attacker...
UAC - Unix-like Artifacts Collector
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data...
"Cannot Start App" when launching published applications
"Cannot start app" seen when launching applications Event ID 1101 seen in Delivery Controllers application event logs: "The Citrix Broker Service failed to broker a connection for to . The Citrix Broker Service cannot find any available virtual machines."...
CVE-2021-27075
Azure Virtual Machine Information Disclosure Vulnerability...
Information disclosure
Azure Virtual Machine Information Disclosure Vulnerability...
CVE-2021-27075 Azure Virtual Machine Information Disclosure Vulnerability
...
UBUNTU-CVE-2020-1899
The unserialize function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56....
UBUNTU-CVE-2020-1898
The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....
Facebook HHVM 资源管理错误漏洞
Facebook HHVM a.k.a. HipHop Virtual Machine is a virtual machine from Facebook Inc. that significantly improves the performance of loading dynamic pages in PHP. A security vulnerability exists in HHVM, which arises from the deserialization of objects with dynamic attributes, resulting in the...