4438 matches found
Update Rollup 7 for System Center 2012 Virtual Machine Manager SP1
Update Rollup 7 for System Center 2012 Virtual Machine Manager SP1 Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. Additionally, this article contains the installation instructions for...
Update Rollup 6 for System Center 2012 Virtual Machine Manager Service Pack 1
Update Rollup 6 for System Center 2012 Virtual Machine Manager Service Pack 1 Summary This article describes the issues that are fixed in Update Rollup 6 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. One update package is available for System Center 2012 Virtual...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service (PoC)
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service PoC Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Update Rollup 1 for System Center 2016 Virtual Machine Manager
Update Rollup 1 for System Center 2016 Virtual Machine Manager Introduction This article describes the features that are available in Update Rollup 1 for Microsoft System Center 2016 Virtual Machine Manager. There are two updates available for System Center 2016 Virtual Machine Manager: one for...
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Droidefense - Advance Android Malware Analysis Framework
Droidefense originally named atom: a nalysis t hrough o bservation m achine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...
Windows Hyper-V Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the...
Windows Hyper-V Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source. To exploit this vulnerability, an attacker would need to reboot a guest virtual machine numerous times until the vulnerability is triggered. The security update addresses the...
UBUNTU-CVE-2018-10853
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilegeCPL level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate...
CVE-2016-7071
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM...
CVE-2018-16769
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
CVE-2018-16768
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end...
Heap overflow
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand...
Heap overflow
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...
Code injection
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...
Code injection
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
CVE-2018-16766
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because Errors::unreachable is reached...
CVE-2018-16765
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...