Facebook HHVM 缓冲区错误漏洞

Facebook HHVM a.k.a. HipHop Virtual Machine is a virtual machine from Facebook Inc. that significantly improves the performance of loading dynamic pages in PHP. A vulnerability exists in HHVM. The following products and versions are affected: 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0,...

Katy Voor HHVM 缓冲区错误漏洞

Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that allows memory to be read before memory buffers. The following products and versions are affected: HHVM...

Katy Voor HHVM 缓冲区错误漏洞

Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from a write out-of-bounds if a buffer is full. The following products and versions are affected: HHV...

Katy Voor HHVM 缓冲区错误漏洞

Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from a crypt function that allows the size of the input salt to be null to terminate the buffer witho...

Katy Voor HHVM 输入验证错误漏洞

Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from an incorrect string size calculation in the pregquote function, where a large input string passe...

Katy Voor HHVM 缓冲区错误漏洞

Katy Voor HHVM is an open source application by Katy Voor. Provides an open source virtual machine designed to execute programs written in Hack. A security vulnerability exists in HHVM that stems from an incorrect size calculation in ldap escaping when incoming input is too long, which may result...

Facebook HHVM 安全漏洞

Facebook HHVM a.k.a. HipHop Virtual Machine is a virtual machine from Facebook Inc. that significantly improves the performance of loading dynamic pages in PHP. A security vulnerability exists in HHVM. The following products and versions are affected: 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1,...

Azure LoLBins: Protecting against the dual use of virtual machine extensions

Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether theyre performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...

Azure LoLBins: Protecting against the dual use of virtual machine extensions

Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether theyre performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...

QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c

A reachable assertion vulnerability was found in the USB EHCI emulation code of QEMU. This issue occurs while processing USB requests due to missed handling of DMA memory map failure. This flaw allows a malicious privileged user within the guest to send bogus USB requests and crash the QEMU proce...

Azure Virtual Machine Information Disclosure Vulnerability

...

CVE-2021-26988

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine SVM names, volume names,...

UBUNTU-CVE-2021-27379

An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service host OS crash or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct...

Virtual Machine does not start after moving it to another cluster

No description provided...

EulerOS 2.0 SP5 : dpdk (EulerOS-SA-2021-1241)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copydata function leads to a buffer...

CVE-2020-8589

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines SVMs and filenames on those SVMs...

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.12....

OPENSUSE-SU-2021:0165-1 Security update for virtualbox

This update for virtualbox fixes the following issues: Version update to 6.1.18 released January 19 2021 This is a maintenance release. The following items were fixed and/or added: - Nested VM: Fixed hangs when executing SMP nested-guests under certain conditions on Intel hosts bug 19315, 19561 -...

Eclipse OpenJ9 缓冲区错误漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A buffer overflow vulnerability exists in Eclipse OpenJ9 versions prior to 0.23, which stems from a stack-based buffer overflow that can occur when the virtual machine ...

CVE-2021-1993

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM...