4438 matches found
Unspecified Vulnerability in Oracle Database Server OJVM Component
Oracle Database is a large commercial database. An unspecified security vulnerability in the Oracle Database Server OJVM component could be exploited by remote attackers to compromise system confidentiality, integrity, and availability...
theZoo aka Malware DB
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis we have decided to gather all of them for you in an available and safe...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2463-1)
A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842) The KVM kernel virtual machine...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2462-1)
Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (CVE-2014-3611) Lars Bull an...
USN-2466-1 linux vulnerabilities
A null pointer dereference flaw was discovered in the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KV...
DEBIAN-CVE-2015-0361
Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown...
Facebook HipHop Virtual Machine Expected Access Restriction Bypass Vulnerability
Facebook HipHop Virtual Machine is a HipHop virtual machine developed by Facebook Inc. that significantly improves PHP performance for loading dynamic pages. Facebook HipHop Virtual Machine versions prior to 3.1.0 suffer from an Expected Access Restriction Bypass vulnerability that allows remote...
Facebook HipHop Virtual Machine cryptographic protection mechanism bypass vulnerability
Facebook HipHop Virtual Machine is a HipHop virtual machine developed by Facebook Inc. that significantly improves PHP performance for loading dynamic pages. A cryptographic protection mechanism bypass vulnerability exists in Facebook HipHop Virtual Machine versions prior to 3.3.0. The vulnerabilit...
Facebook HipHop Virtual Machine Information Disclosure Vulnerability
Facebook HipHop Virtual Machine is a HipHop virtual machine developed by Facebook Inc. that significantly improves PHP performance for loading dynamic pages. An information disclosure vulnerability exists in versions of Facebook HipHop Virtual Machine prior to 3.3.0, which allows remote attackers...
UBUNTU-CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...
CVE-2014-2208
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string...
CVE-2014-5386
CVE-2014-5386 affects Facebook HHVM: the mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp does not seed the random number generator before HHVM 3.3.0, which enables remote attackers to defeat cryptographic protections by reusing a single initialization vector. Root cause is lac...
PT-2014-8424 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.19 Description: The issue makes it easier for guest OS users to bypass the ASLR protection mechanism. This is achieved via a crafted application that reads a 16-bit value, exploiting the improper paravirt...
USN-2420-1: Linux kernel vulnerabilities
A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access...
USN-2417-1: Linux kernel vulnerabilities
Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash of the guest). (CVE-2014-3647) A flaw...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2417-1)
Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash of the guest). (CVE-2014-3647) A flaw...
DEBIAN-CVE-2014-9030
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE...
UBUNTU-CVE-2014-8710
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...
DEBIAN-CVE-2014-8594
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging...
UBUNTU-CVE-2014-7840
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data...