HPSBHF03586 rev. 1 - DCI Policy Update

Potential Security Impact Information disclosure and escalation of privilege via limited physical presence. Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILITY SUMMARY Intel platforms, starting with Skylake, support a USB 3-based debugging interface a.k.a. Direct...

CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

Hardcoded credentials

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

UBUNTU-CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

CVE-2018-12893

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...

Medtronic MyCareLink Patient Monitor Exposes Dangerous Method or Function Vulnerability

MyCareLink Patient Monitor is a patient monitor product developed by Medtronic, Inc. The Medtronic MyCareLink Patient Monitor has an Exposed Danger Method or Function vulnerability that can be exploited by an attacker with physical access to the device to access debugging functions of the monitor...

Xen Denial of Service Vulnerability (CNVD-2018-15166)

Xen is an open source virtual machine monitor, developed by the University of Cambridge. It is intended to run up to 101 full-featured operating systems on a single computer. Xen suffers from a denial-of-service vulnerability, which is caused by a Xen debugging trigger anomaly, that can be...

x86: #DB exception safety check can be triggered by a guest

ISSUE DESCRIPTION One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. IMPACT A malicious PV guest can crash Xen, leading to a Denial of...

PT-2018-11456 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11 Description: An issue in Xen allows a malicious PV guest to crash the system, leading to a Denial of Service. The vulnerability can be triggered by a guest and is caused by an oversight in safety checks added to...

PHPinfo Information Disclosure

Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes, and various PHP applications may also include such a file by default. By accessing it, a remote attacker can discover a large amount of information about the remote...

The MIPS buffer overflow vulnerability practice-vulnerability warning-the black bar safety net

This practice from the learn-decrypt router vulnerability notes, and summaries. Mainly used to review and consolidate the entire process, the entire process is not very smooth, the main problem in the point that the overflow function of the address determination. This write your own exploit code ...

Energy-warning! Be wary EnMiner mining kill-vulnerability warning-the black bar safety net

Recently, sangfor found a high strength of the virus against the behavior of the new mining virus, its viral mechanisms and conventional mining large difference, once infected, the cleanup is extremely difficult. Currently the virus in the outbreak early, sangfor has this virus named EnMiner mini...

CVE-2018-12522

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...

CVE-2018-12525

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...

Design/Logic Flaw

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /images/ provides a directory listing...

CVE-2018-12524

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /lib/ provides a directory listing...

CVE-2018-12522

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard MaDDash 2.0.2. A direct request to /style/ provides a directory listing...