USN-3930-2 linux-hwe, linux-azure vulnerabilities

USN-3930-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sou...

VMware Fusion Virtual Machine Side Remote Code Execution Vulnerability

VMware Fusion is a virtual machine software for the Mac operating system from VMware. A remote code execution vulnerability exists on the virtual machine side of VMware Fusion, which can be exploited by an attacker to execute arbitrary code on all virtual machines with VMware Tools installed via...

CVE-2019-5519

VMware ESXi 6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001, Workstation 15.x before 15.0.4, 14.x before 14.1.7, Fusion 11.x before 11.0.3, 10.x before 10.1.6 contain a Time-of-check Time-of-use TOCTOU vulnerability in the virtual USB 1.1 UHCI Universal Ho...

CVE-2019-5519

VMware ESXi 6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001, Workstation 15.x before 15.0.4, 14.x before 14.1.7, Fusion 11.x before 11.0.3, 10.x before 10.1.6 contain a Time-of-check Time-of-use TOCTOU vulnerability in the virtual USB 1.1 UHCI Universal Ho...

SUSE-SU-2019:14001-1 Security update for xen

This update for xen fixes the following issues: Security issues fixed: - Fixed multiple access violations introduced by XENMEMexchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service bsc1126192. - Fixed an issue which could allow a...

Commando VM: The First of Its Kind Windows Offensive Distribution

For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of u...

DEBIAN-CVE-2019-3840

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service...

DEBIAN-CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...

DEBIAN-CVE-2019-6778

In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow...

DEBIAN-CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free...

Security Bulletin: A security vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2018-3180)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6, 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed as part of the IBM Java SDK updates in October 2018. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: A flaw in the JSSE...

Citrix Hypervisor Export Running VM - Export snapshot to file through CLI

...

UBUNTU-CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...

Intel Graphics Driver for Windows User Mode Driver Access Control Vulnerability

Intel Graphics Driver for Windows is an Intel graphics card driver for the Windows platform.User Mode Driver is one of the user mode drivers. A security vulnerability exists in the User Mode Driver of the Intel Graphics Driver for Windows platform, which arises from the program's failure to enfor...

CVE-2018-12223

Insufficient access control in User Mode Driver in IntelR Graphics Driver for Windows before versions 10.18.x.5059 aka 15.33.x.5059, 10.18.x.5057 aka 15.36.x.5057, 20.19.x.5063 aka 15.40.x.5063 21.20.x.5064 aka 15.45.x.5064 and 24.20.100.6373 potentially enables an unprivileged user to escape fro...

Improper access control

Insufficient access control in User Mode Driver in IntelR Graphics Driver for Windows before versions 10.18.x.5059 aka 15.33.x.5059, 10.18.x.5057 aka 15.36.x.5057, 20.19.x.5063 aka 15.40.x.5063 21.20.x.5064 aka 15.45.x.5064 and 24.20.100.6373 potentially enables an unprivileged user to escape fro...

CVE-2018-12223

CVE-2018-12223 is linked to Intel Graphics Driver for Windows* and is described in Intel’s advisory INTEL-SA-00189 as part of a family of vulnerabilities. The issue is caused by insufficient access control in the User Mode Driver, potentially enabling an unprivileged user to escape from a virtual...

CVE-2018-12223

Insufficient access control in User Mode Driver in IntelR Graphics Driver for Windows before versions 10.18.x.5059 aka 15.33.x.5059, 10.18.x.5057 aka 15.36.x.5057, 20.19.x.5063 aka 15.40.x.5063 21.20.x.5064 aka 15.45.x.5064 and 24.20.100.6373 potentially enables an unprivileged user to escape fro...

The vulnerability of the libvirt virtualization management package in the Astra Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the libvirt virtualization management package in the Astra Linux operating system is related to the incorrect assignment of token labels to external file storage systems with integrity control tokens enabled. Exploiting this vulnerability could allow an attacker to cause a...

50m-ctf: @ajxchapman 50m-ctf writeup

50m-ctf writeup TL;DR Flag is c8889970d9fb722066f31e804e351993, thanks for the challenge! Introduction My goal for this CTF was to primarily use tools and scripts that I had personally written to complete it. Throughout this challenge I used and extended my personal toolkit extensively. All the...