4438 matches found
RedHat Update for qemu-kvm RHSA-2017:1430-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-4899
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers a...
USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did no...
Power Managed Server VDA's does not receive shutdown request
Randomly some of the Power Managed Server VDA's receive a shutdown request approximately 20 mins after the scheduled reboot and do not power on automatically and remain Turned Off. Scout logs detect the following: Some Power Actions are marked as failures by Broker possibly because VDAs are not...
Parallels Desktop - Virtual Machine Escape Vulnerability
Exploit for windows platform in category local exploits + Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Ma...
Parallels Desktop - Virtual Machine Escape
Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website :...
Parallels Desktop - Virtual Machine Escape
Parallels Desktop - Virtual Machine Escape + Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp...
Parallels Desktop 12.2.0 Virtual Machine Escape
Title:A Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website...
How to Troubleshoot Scheduled Snapshots issues
This article provides general guidance to troubleshoot VM Scheduled Snapshot VMSS issues...
QEMU elevation of privilege vulnerability (CNVD-2017-07298)
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An elevation of privilege vulnerability exists in QEMU. An attacker can exploit this vulnerability to elevate privileges in a virtual machine...
CVE-2017-2637
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...
rhosp-director: libvirtd is deployed with no authentication
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...
CentOS Update for qemu-guest-agent CESA-2017:1206 centos6
Check the version of qemu-guest-agent SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882712";...
Juniper Networks NorthStar Controller Information Disclosure Vulnerability
Juniper Networks NorthStar Controller is a powerful and flexible traffic engineering solution that enables granular visualization and control of IP/MPLS flows in carrier networks. An information disclosure vulnerability exists in Juniper Networks NorthStar Controller that could allow an...
DEBIAN-CVE-2017-8106
The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer dereference and host OS crash via a single-context INVEPT instruction with a NULL EPT pointer...
Oracle Database Server Remote Vulnerability (CNVD-2017-06088)
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. A remote security vulnerability exists in the Oracle Database Server OJVM component, which can be exploited by a remote attacker to...
Important: Red Hat Security Advisory: qemu-kvm-rhev security update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Windows Hyper-V Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual...
CVE-2017-3817
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.50.1...
Design/Logic Flaw
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.50.1...