CVE-2017-3817

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.50.1...

CVE-2017-3817

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.50.1...

CVE-2017-3817

CVE-2017-3817 affects Cisco UCS Director. The issue is an information-disclosure vulnerability due to improper role-based access checks in the RBAC for VM information; an authenticated remote attacker could view unauthorized VM data in a UCS domain. Affected releases include 5.5(0.1) and 6.0(0.0)...

Cisco UCS Director Virtual Machine Information Disclosure Vulnerability

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions...

The vulnerability of the Kernel Samepage Merging (KSM) component in the Linux operating system allows a hacker to influence the confidentiality of information.

The vulnerability of the Linux operating system’s Kernel Samepage Merging KSM component is related to the lack of protection for service data when the ASLR mechanism is used. Exploiting this vulnerability allows a local attacker to partially compromise the confidentiality of information through a...

Cisco UCS Director Virtual Machine Information Disclosure Vulnerability

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System UCS Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. The vulnerability is due to improper role-based user checks. An...

Denial Of Service (DoS)

XStream is vulnerable to denial of service attacks. A malicious user can cause the Java Virtual Machine to crash by passing a malicious XML or JSON file to the system...

CentOS 6 : libguestfs (CESA-2017:0564)

An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

libguestfs, ocaml, perl, python, ruby security update

CentOS Errata and Security Advisory CESA-2017:0564 An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

RHEL 6 : libguestfs (RHSA-2017:0564)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0564 advisory. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine VM disk images. Security Fixes: An integer...

RedHat Update for libguestfs RHSA-2017:0564-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VM Escape Earns Hackers $105K at Pwn2Own

Hackers managed to take down Microsoft Edge and escape a virtual machine to boot on the third day of Pwn2Own early Friday. Members from Qihoo’s 360 Security Team carried out the VM exploit, earning the group $105,000, by far the highest amount awarded to a group at the hacking challenge this week...

CVE-2017-0098

Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerability is different from those described in...

Github enterprise remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

Right now, almost everyone in the use of GitHub. If you have a lot of Green Paper or for your own code very paranoid, then you can run your own GitHub. Paid$ 2500 dollars, you can get a GitHub Enterprise version for 10 users for one year. In fact, Github enterprise is a virtual machine, but...

Multiple VMware Workstation Product Out-of-Bounds Read Denial of Service Vulnerabilities

VMware Workstation is a virtual machine software product from VMware. An out-of-bounds read denial of service vulnerability exists in multiple VMware Workstation products. An attacker could exploit this vulnerability to crash a virtual machine, resulting in a denial of service...

flash-plugin: multiple code execution issues fixed in APSB17-07

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution...

Hyper-V Denial of Service Vulnerability

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running ...

Hyper-V Denial of Service Vulnerability

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running ...

Hyper-V vSMB Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker...

Hyper-V Denial of Service Vulnerability

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running ...