Lucene search
K

183 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/21 12:0 a.m.38 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3881-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

8.8CVSS6.2AI score0.00438EPSS
Exploits0References24
OSV
OSV
added 2020/12/15 5:15 p.m.26 views

CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS8.6AI score
Exploits0References6
NVD
NVD
added 2020/12/15 5:15 p.m.15 views

CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS7.3AI score0.00373EPSS
Exploits0References6
OSV
OSV
added 2020/12/15 5:15 p.m.3 views

DEBIAN-CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS7.5AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2020/12/15 5:15 p.m.5 views

ALPINE-CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS6.8AI score0.00373EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/12/15 5:15 p.m.30 views

CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS6.9AI score0.00373EPSS
Exploits0References2
Prion
Prion
added 2020/12/15 5:15 p.m.25 views

Design/Logic Flaw

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

4.9CVSS7.2AI score0.00373EPSS
Exploits0References6Affected Software3
Debian CVE
Debian CVE
added 2020/12/15 5:1 p.m.32 views

CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

6.2CVSS7.2AI score0.00373EPSS
Exploits0
Xen Project
Xen Project
added 2020/12/15 12:0 p.m.58 views

FIFO event channels control block related ordering

ISSUE DESCRIPTION Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. IMPACT Malicious or buggy guest kernels can mount a Denial of...

6.2CVSS3.3AI score0.00373EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.6 views

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime.Service is an individual developer's...

6.2CVSS6.9AI score0.00373EPSS
Exploits0References14
OSV
OSV
added 2019/05/29 9:29 p.m.5 views

CVE-2018-13365

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page...

5.3CVSS5.8AI score0.00909EPSS
Exploits0References1
NVD
NVD
added 2019/05/29 9:29 p.m.28 views

CVE-2018-13365

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page...

5.3CVSS5.3AI score0.00909EPSS
Exploits0References1
Prion
Prion
added 2019/05/29 9:29 p.m.24 views

Information disclosure

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page...

5CVSS5.3AI score0.00909EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/05/29 8:50 p.m.13 views

CVE-2018-13365

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page...

7.1AI score0.00909EPSS
Exploits0References1
CVE
CVE
added 2019/05/29 8:50 p.m.163 views

CVE-2018-13365

CVE-2018-13365 affects Fortinet FortiOS 6.0.1, 5.6.5 and earlier, where the Application Control Block page leaks the FortiGate’s private IP address and hostname. The root cause is information disclosure via the Application Control block page. Fortinet’s advisory FG-IR-18-085 (and related NT vulne...

5.3CVSS5.2AI score0.00909EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/05 12:0 a.m.45 views

Cisco IOS XE Software TCP Denial of Service Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by following vulnerability - A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state...

7.1CVSS6.8AI score0.02004EPSS
Exploits0References3
NVD
NVD
added 2018/09/28 1:29 p.m.23 views

CVE-2018-6925

In FreeBSD before 11.2-STABLEr338986, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338985, and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereferen...

5.5CVSS5.2AI score0.00321EPSS
Exploits0References2
Prion
Prion
added 2018/09/28 1:29 p.m.16 views

Null pointer dereference

In FreeBSD before 11.2-STABLEr338986, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338985, and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereferen...

4.9CVSS5.1AI score0.00321EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/09/28 1:0 p.m.48 views

CVE-2018-6925

In FreeBSD before 11.2-STABLE (r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE (r338985), and 10.4-RELEASE-p13, an unprivileged authenticated local user could trigger a NULL pointer dereference in the IPv6 protocol control block due to improper maintenance of IPv6 flags across failure pa...

5.5CVSS5.4AI score0.00321EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/01/12 3:59 p.m.14 views

Design/Logic Flaw

The evtchnfifosetpending function in Xen 4.4.x allows local guest users to cause a denial of service host crash via vectors involving an uninitialized FIFO-based event channel control block when 1 binding or 2 moving an event to a different VCPU...

4.9CVSS6.7AI score0.00415EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder