VMware ESXi 缓冲区错误漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi| vCenter Server that originates from a contained heap overflow, which could be exploited by an attacker to achieve partial information...

VMware ESXi 代码问题漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi versions 6.5, 6.7, and 7.0, and VMware Cloud Foundation versions 3.x and 4.x series, which stems from a null pointer dereference, and can ...

Building on Your Existing DAM Instance is Smart Budget Planning

For organizations that use it, Imperva’s DAM Gateway is the workhorse of data auditing and security. Today, the explosion of data and data repositories that organizations need to manage - both on-premises and in cloud environments - requires a more flexible, higher-capacity technology platform to...

The vulnerability of the XHCI controllers in VMware ESXi, VMware Workstation, VMware Fusion, and the VMware Cloud Foundation virtualization platform allows a perpetrator to execute arbitrary code.

The vulnerability of the XHCI controllers in VMware ESXi, VMware Workstation, VMware Fusion, and the VMware Cloud Foundation virtualization platform relates to the use of memory after deallocation. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerability: Privilege Defined with Unsafe Actions, Authorization Bypass Through User-Controlled Key, Improper Restriction of XML External Entity Reference 2. RISK...

VMware ESXi 授权问题漏洞

Vmware VMware ESXi is a server virtualization platform from Vmware that can be installed directly on physical servers. An authorization issue vulnerability exists in VMware ESXi, which stems from a vulnerability in the product's SFCB authentication feature, which allows an attacker to bypass SFCB...

CVE-2021-25653

A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities AVPU that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU...

CVE-2021-25652 Avaya Aura Appliance Virtualization Platform Utilities Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities AVPU. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be...

Versa Networks Versa Director 安全漏洞

Versa Networks Versa Director is a virtualization and service creation platform from Versa Networks, USA. It simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from an unencrypted backup file containing...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

DEBIAN-CVE-2020-27777

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...

The vulnerability of the USB 2.0 controller EHCI in VMware ESXi, VMware Workstation, and VMware Fusion allows a attacker to execute arbitrary code.

The vulnerability of the USB 2.0 controller EHCI in VMware ESXi, VMware Workstation, and VMware Fusion stems from synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVE-2020-3965

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may b...

Haaukins - A Highly Accessible And Automated Virtualization Platform For Security Education

Haaukins is a highly accessible and automated virtualization platform for security education, it has three main components Docker, Virtualbox and Golang, the communication and orchestration between the components managed using Go programming language. The main reason of having Go environment to...

HPE 3PAR Service Processor Security Restriction Bypass Vulnerability

HPE 3PAR Service Processor SP is a suite of virtual service processors deployed on the VMware vSphere hypervisor from HPE, USA. A remote security restriction bypass vulnerability exists in HPE 3PAR Service Processor versions prior to 5.0.5.1. An attacker could exploit this vulnerability to bypass...

Vmware ESXi, Workstation and Fusion Buffer Overflow Vulnerability (CNVD-2019-27445)

VMware ESXi is a server virtualization platform that can be installed directly on physical servers. VMware Workstation is a suite of virtual machine software. VMware Fusion is a suite of virtual machine software specifically designed to run Windows applications on Macs. VMware Fusion is a set of...

CVE-2019-0550

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019...

Citrix XenServer Local Memory Disclosure Vulnerability (CTX235225)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by a local memory disclosure vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110265; scriptversion"1.7";...

CVE-2017-0169

An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure...

Xen elevation of privilege vulnerability (CNVD-2016-11704)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen suffers from an elevation of...