Oracle VM VirtualBox Access Control Error Vulnerability (CNVD-2021-08016)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

PT-2025-27667 · Hashicorp · Hashicorp Vagrant

Name of the Vulnerable Software and Affected Versions: HashiCorp Vagrant affected versions not specified Description: An authenticated virtual machine escape issue exists in HashiCorp Vagrant when using the default synced folder configuration. This configuration automatically mounts the host...

Oracle Database Server 授权问题漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Java VM component of Oracle Database Server. An...

Oracle Virtualization 安全漏洞

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2021:0032-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 - Class libraries : - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

SUSE-SU-2021:0032-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 Class libraries: - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:3932-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 - Class libraries : - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

SUSE-SU-2020:3932-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 20 bsc1180063,bsc1177943 CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803 Class libraries: - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is...

CVE-2020-3999

VMware ESXi 7.0 prior to ESXi70U1c-17325551, VMware Workstation 16.x prior to 16.0 and 15.x prior to 15.5.7, VMware Fusion 12.x prior to 12.0 and 11.x prior to 11.5.7 and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious...

Input validation

VMware ESXi 7.0 prior to ESXi70U1c-17325551, VMware Workstation 16.x prior to 16.0 and 15.x prior to 15.5.7, VMware Fusion 12.x prior to 12.0 and 11.x prior to 11.5.7 and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious...

CVE-2020-3999

VMware ESXi 7.0 prior to ESXi70U1c-17325551, VMware Workstation 16.x prior to 16.0 and 15.x prior to 15.5.7, VMware Fusion 12.x prior to 12.0 and 11.x prior to 11.5.7 and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearQuest

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed in the IBM Java SDK updates in July 2020. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEI...

PT-2020-5285 · Vmware · Vmware Workstation +3

Name of the Vulnerable Software and Affected Versions: VMware ESXi versions 7.0 prior to ESXi70U1c-17325551 VMware Workstation versions 16.x prior to 16.0 and 15.x prior to 15.5.7 VMware Fusion versions 12.x prior to 12.0 and 11.x prior to 11.5.7 VMware Cloud Foundation affected versions not...

UBUNTU-CVE-2020-29480

An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A guest...

CVE-2020-29480

Xen CVE-2020-29480 affects Xen up to 4.14.x. Xenstore watches lack permission checks, enabling a guest administrator to observe root xenstore notifications for all created, modified, and deleted keys and domain lifecycle events. The watch data may reveal counts/identities of other VMs, domains, d...

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4....

Xen Code Issues Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen versi...

Fedora: Security Advisory for libslirp (FEDORA-2020-77f93f41be)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32

A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...

CVE-2017-14451

CVE-2017-14451 is an exploitable out-of-bounds read in libevm (CPP‑Ethereum). The root cause, per TALOS/Red Hat/NVD details, is the pow2N function returning exp[_n] without bounds checks, with exp defined as size 6. The _type parameter (0–255) can drive laneCount/laneWidth to values beyond the ar...