Facebook HHVM Data Forgery Issue Vulnerability

Facebook HHVM aka HipHop Virtual Machine is a virtual machine from Facebook that significantly improves the performance of loading dynamic pages in PHP. A data forgery issue vulnerability exists in Facebook HHVM versions prior to 3.9.5, 3.10.0 through 3.12.3, and 3.13.0 through 3.14.1, which stem...

CVE-2020-0306

In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

Windows Hyper-V VM Enumeration

This module will check if the target machine is a Hyper-V host and, if it is, will return a list of all of the VMs running on the host, as well as stats such as their state, version, CPU Usage, uptime, and status. Module Options msf use post/windows/gather/enumhypervvms msf postenumhypervvms show...

CVE-2020-25490

Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine...

CVE-2020-25490

Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine...

CVE-2020-3990

VMware Workstation 15.x and Horizon Client for Windows 5.x before 5.4.4 contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from...

CVE-2020-3990

VMware Workstation 15.x and Horizon Client for Windows 5.x before 5.4.4 contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from...

Integer overflow

VMware Workstation 15.x and Horizon Client for Windows 5.x before 5.4.4 contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from...

CVE-2020-3990

VMware Workstation (15.x) and Horizon Client for Windows (5.x prior to 5.4.4) are affected by CVE-2020-3990 due to an integer overflow in Cortado ThinPrint. A local attacker with access to a guest VM can exploit this to disclose memory from the TPView process, only if virtual printing is enabled ...

FreeBSD-SA-20:28.bhyve_vmcs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:28.bhyvevmcs Security Advisory The FreeBSD Project Topic: bhyve privilege escalation via VMCS access Category: core Module: bhyve Announced: 2020-09-15...

RHEL 7 : openstack-nova (RHSA-2020:3708)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3708 advisory. OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...

AMD Radeon DirectX 11 Driver Vulnerabilities - Lenovo Support US

No description provided...

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2453-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:2461-1)

This update for java-180-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 - Class Libraries : -...

SUSE-SU-2020:2461-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

SUSE-SU-2020:2453-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 6 Fix Pack 15 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: -...

CVE-2020-15687

Missing access control restrictions in the Hypervisor component of the ACRN Project v2.0 and v1.6.1 allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and...

Automate Virtual Machine Creation in Azure DevOps

See how you can enable more automation in your Microsoft® Azure® virtual machine infrastructure builds, deployments, and security implementation...

novnc: XSS vulnerability via the messages propagated to the status field

An XSS vulnerability was discovered in noVNC in which arbitrary HTML could be injected into the noVNC web page. An attacker having access to a VNC server could use target host values in a crafted URL to gain access to secure information such as VM tokens...

Important: Red Hat Security Advisory: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...