Lucene search
K

60 matches found

Tenable Nessus
Tenable Nessus
added 2021/04/29 12:0 a.m.35 views

Xen Paging Tables Race Condition (XSA-328)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an issue allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, X...

7.8CVSS8AI score0.00276EPSS
Exploits0References2
Kitploit
Kitploit
added 2021/01/02 11:30 a.m.63 views

HyperDbg - The Source Code Of HyperDbg Debugger

HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging...

6.8AI score
Exploits0References2
Citrix
Citrix
added 2020/11/20 12:0 a.m.20 views

Enable mitigations for CVE-2018-12207

Depending on your hardware, your Citrix Hypervisor or XenServer installation may be affected by the security issue with the identifierCVE-2018-12207. Citrix provides the following hotfixes to mitigate this issue: XS70E075, XS71ECU2024, XS76E012,XS80E008. For more information, seeCitrix Hypervisor...

6.5CVSS7AI score0.00915EPSS
Exploits0
OSV
OSV
added 2020/10/22 12:9 p.m.13 views

SUSE-SU-2020:14521-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling SRBDS aka 'CrossTalk' bsc1172205,XSA-320 - CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets bsc1175534. - CVE-2020-15565: Fixed an issue cach...

8.8CVSS6.5AI score0.05447EPSS
Exploits1References23
Openbugbounty
Openbugbounty
added 2020/10/04 9:21 a.m.9 views

ept-xp.com Cross Site Scripting vulnerability OBB-1380898

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Veracode
Veracode
added 2020/08/06 9:33 p.m.28 views

Privilege Escalation

xen is vulnerable to privilege escalation. A guest OS user is able to gain privileges or crash the host OS due to non-atomic modification of a live EPT PTE...

7.8CVSS2.3AI score0.00276EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.51 views

openSUSE Security Update : xen (openSUSE-2020-985)

This update for xen fixes the following issues : - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

8.8CVSS7.1AI score0.0054EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2020/07/19 12:0 a.m.22 views

openSUSE: Security Advisory for xen (openSUSE-SU-2020:0985-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.2AI score0.0054EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/18 12:0 a.m.88 views

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....

8.8CVSS7.6AI score0.0054EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.40 views

Fedora 32 : xen (2020-fbc13516af)

incorrect error handling in event channel port allocation leads to DoS XSA-317, CVE-2020-15566 1854465 inverted code paths in x86 dirty VRAM tracking leads to DoS XSA-319, CVE-2020-15563 1854463 xen: insufficient cache write-back under VT-d leads to DoS XSA-321, CVE-2020-15565 1854467 missing...

8.8CVSS7AI score0.00413EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/07/15 12:0 a.m.53 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1902-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

8.8CVSS7.2AI score0.0054EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.40 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1889-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

8.8CVSS7.2AI score0.0054EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.34 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1886-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15567: Fixed non-atomic modification of live EPT PTE bsc1173380. Note that Tenable...

8.8CVSS7.2AI score0.00413EPSS
Exploits0References10
Prion
Prion
added 2020/07/07 1:15 p.m.23 views

Design/Logic Flaw

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

4.4CVSS7.6AI score0.00276EPSS
Exploits0References8Affected Software4
UbuntuCve
UbuntuCve
added 2020/07/07 1:15 p.m.29 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

7.8CVSS7.1AI score0.00276EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2020/07/07 12:26 p.m.30 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

7.8CVSS8.2AI score0.00276EPSS
Exploits0
Xen Project
Xen Project
added 2020/07/07 12:0 p.m.41 views

non-atomic modification of live EPT PTE

ISSUE DESCRIPTION When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially-written PTE to the hardware, which an attacker might be able ...

7.8CVSS0.4AI score0.00276EPSS
Exploits0
Veracode
Veracode
added 2020/04/10 12:51 a.m.31 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the Xen hypervisor implementation when running a system that has an Intel CPU without Extended Page Tables EPT support. While attempting to dump information about a crashing fully-virtualized guest, the flaw could cause the hypervisor...

4.9CVSS1.3AI score0.00346EPSS
Exploits1References11Affected Software1
RedHat Linux
RedHat Linux
added 2020/03/31 8:15 p.m.14 views

ImageMagick: double free in WriteEPTImage function in coders/ept.c

WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service MagickCore/memory.c double free and application crash or possibly have unspecified other impact via a crafted file...

8.8CVSS6AI score0.03831EPSS
Exploits0References4
Cloud Foundry
Cloud Foundry
added 2019/11/21 12:0 a.m.45 views

USN-4185-3: Linux kernel vulnerability and regression | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. Also, th...

8.8CVSS8.6AI score0.03133EPSS
Exploits0
Rows per page
Query Builder