Lucene search

662 matches found

OSV
added 2022/01/05 5:15 p.m., 0 views

DEBIAN-CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.4, EPSS 0.00332
Exploits 0, References 1

Prion
added 2022/01/05 5:15 p.m., 34 views

Design/Logic Flaw

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 2.1, AI score 6.7, EPSS 0.00332
Exploits 0, References 5, Affected Software 1

Prion
added 2022/01/05 5:15 p.m., 28 views

Design/Logic Flaw

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 2.1, AI score 6.7, EPSS 0.00332
Exploits 0, References 5, Affected Software 1

Prion
added 2022/01/05 5:15 p.m., 22 views

Design/Logic Flaw

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 2.1, AI score 6.7, EPSS 0.00332
Exploits 0, References 5, Affected Software 1

UbuntuCve
added 2022/01/05 5:15 p.m., 29 views

CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.8, EPSS 0.00332
Exploits 0, References 11

OSV
added 2022/01/05 5:15 p.m., 0 views

UBUNTU-CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.7, EPSS 0.00332
Exploits 0, References 11

OSV
added 2022/01/05 5:15 p.m., 3 views

UBUNTU-CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.7, EPSS 0.00332
Exploits 0, References 12

OSV
added 2022/01/05 5:15 p.m., 5 views

UBUNTU-CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.7, EPSS 0.00332
Exploits 0, References 9

Cvelist
added 2022/01/05 4:10 p.m., 29 views

CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

AI score 7.3, EPSS 0.00332
Exploits 0, References 5

CVE
added 2022/01/05 4:10 p.m., 183 views

CVE-2021-28713

CVE-2021-28713 affects the hvc_xen (console) backend in Xen, where a malicious driver-domain can generate high-frequency events to exhaust guest interrupt handling and cause a Denial of Service. The initial entry notes three affected backends (blkfront CVE-2021-28711, netfront CVE-2021-28712, hvc...

CVSS 6.5, AI score 6.9, EPSS 0.00332
Exploits 0, References 5, Affected Software 1

Debian CVE
added 2022/01/05 4:10 p.m., 41 views

CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.5, EPSS 0.00332
Exploits 0

CVE
added 2022/01/05 4:10 p.m., 206 views

CVE-2021-28712

The CVE-2021-28712 entry concerns Xen PV backends running in unprivileged driver domains. The root cause is that malicious driver domains can overwhelm guest interrupts by sending high-frequency events, causing Denial of Service. Three backends are affected: blkfront patch 1 (CVE-2021-28711), net...

CVSS 6.5, AI score 6.9, EPSS 0.00332
Exploits 0, References 5, Affected Software 1

Debian CVE
added 2022/01/05 4:10 p.m., 55 views

CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.5, EPSS 0.00332
Exploits 0

Debian CVE
added 2022/01/05 4:10 p.m., 48 views

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

CVSS 6.5, AI score 6.5, EPSS 0.00332
Exploits 0

Cvelist
added 2022/01/05 4:10 p.m., 22 views

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

AI score 7.3, EPSS 0.00332
Exploits 0, References 5

OSV
added 2021/12/29 5:15 p.m., 1 views

DEBIAN-CVE-2021-23727

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends result stores. When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery...

CVSS 7.5, AI score 7.6, EPSS 0.03877
Exploits 1, References 1

Cvelist
added 2021/12/29 4:35 p.m., 23 views

CVE-2021-23727 Stored Command Injection

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends result stores. When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery...

CVSS 7.5, AI score 7.8, EPSS 0.03877
Exploits 1, References 3

Xen Project
added 2021/12/20 12:0 p.m., 64 views

Rogue backends can cause DoS of guests via high frequency events

ISSUE DESCRIPTION: Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains". Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn't have the privileges to take over the...

CVSS 6.5, AI score 1.6, EPSS 0.00332
Exploits 0

FreeBSD
added 2021/12/09 12:0 a.m., 30 views

py39-celery -- command injection vulnerability

Snyk reports: This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends result stores. When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within ...

CVSS 7.5, AI score 8.1, EPSS 0.03877
Exploits 1, References 2

OSV
added 2021/10/15 11:3 a.m., 2 views

OESA-2021-1392 sane-backends security update

SANE Scanner Access Now Easy is a sane and simple interface to both local and networked scanners and other image acquisition devices like digital still and video cameras. Security Fixes: An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local...

CVSS 4.3, AI score 6.6, EPSS 0.01006
Exploits 1, References 2