
34 matches found

Tenable Nessus
added 2026/01/16 12:00 a.m. · 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000962 advisory. The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

CVSS 4.9 · AI score 5.3 · EPSS 0.00366
Exploits: 0 · References: 10

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-17845

Malware in sbrugna...

CVSS 8.8 · AI score 8.6 · EPSS 0.00424
Exploits: 0 · References: 8

Kitploit
added 2024/05/16 12:30 p.m. · 47 views

Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin Privileges Required)

Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote registry service to query the HKEY_USERS registry hive on the remote computers. It identifies and extracts Security Identifiers (SIDs) associated with active...

AI score 6.9
Exploits: 0 · References: 2

Code423n4
added 2023/03/07 12:00 a.m. · 8 views

Incorrect Price-Feed Failsafe System

Lines of code https://github...

AI score 6.9
Exploits: 0

SUSE CVE
added 2023/02/15 5:42 a.m. · 3 views

SUSE CVE-2013-0190

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...

CVSS 4.9 · AI score 5.6 · EPSS 0.00366
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:45 a.m. · 4 views

SUSE CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

CVSS 7.8 · AI score 9.5 · EPSS 0.00424
Exploits: 0 · References: 8

SUSE CVE
added 2023/02/15 4:25 a.m. · 5 views

SUSE CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen...

CVSS 5.1 · AI score 6.4 · EPSS 0.00409
Exploits: 0 · References: 4

Rapid7 Blog
added 2021/10/21 2:11 p.m. · 15 views

Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 1

This year, Rapid7 participated at the IoT Village during DefCon29 by running a hands-on hardware hacking exercise, with the goal of exposing attendees to concepts and methods for IoT hacking. Over the years, these exercises have covered several different embedded device topics, including how to u...

AI score 1.6
Exploits: 0

Hacker One
added 2021/08/11 7:49 p.m. · 20 views

Ruby on Rails: Possible DOS in app with crashing `exceptions_app`

Vulnerability description not provided...

AI score 7.1
Exploits: 0

Kitploit
added 2020/07/12 1:00 p.m. · 150 views

Santa - A Binary Whitelisting/Blacklisting System For macOS

Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension or a system extension on macOS 10.15+ that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in ca...

AI score 7
Exploits: 0 · References: 10

NVD
added 2020/04/08 6:15 p.m. · 24 views

CVE-2020-10262

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read Wi-Fi SSID or password, ...

CVSS 7.2 · AI score 6.8 · EPSS 0.00549
Exploits: 1 · References: 3

CVE
added 2020/04/08 5:26 p.m. · 53 views

CVE-2020-10262

The CVE-2020-10262 entry affects Xiaomi Xiao AI Speaker Pro LX06 (firmware 1.58.10). The described vulnerability lets an attacker activate failsafe mode during boot, use the mi_console command (cascaded by the SN code) to obtain the root shell password, and then potentially: read Wi‑Fi SSID/passw...

CVSS 7.2 · AI score 6.8 · EPSS 0.00549
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2020/04/08 5:26 p.m. · 30 views

CVE-2020-10262

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read Wi-Fi SSID or password, ...

AI score 6.8 · EPSS 0.00549
Exploits: 1 · References: 3

Carbon Black Blog
added 2019/07/29 5:05 p.m. · 65 views

VIDEO: Utilizing Tape Storage as a Malware Failsafe

Tape storage is commonly accepted as a cost-effective backup target, and it also can play an even more strategic role in combatting cybercrime. In a recent video with Storage Switzerland, Lead Analyst George Crump and David Balcar, security strategist for Carbon Black, discussed how to use tape...

AI score 1.7
Exploits: 0

BDU FSTEC
added 2019/04/12 12:00 a.m. · 4 views

The vulnerability of the xen_failsafe_callback function in Xen hypervisors allows a malicious actor to trigger a service failure or increase their privileges.

The vulnerability of the xen_failsafe_callback function in Xen hypervisors is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker running on a guest OS to cause service failures or increase their privileges...

CVSS 7.8 · AI score 6.6 · EPSS 0.00409
Exploits: 0 · References: 22 · Affected Software: 3

Xen Project
added 2018/07/25 5:00 p.m. · 753 views

Linux: Uninitialized state in x86 PV failsafe callback path

ISSUE DESCRIPTION: Linux has a failsafe callback, invoked by Xen under certain conditions. Normally in this failsafe callback, error_entry is paired with error_exit; and error_entry uses %ebx to communicate to error_exit whether to use the user or kernel return path. Unfortunately, on 64-bit PV Xen on...

CVSS 7.8 · AI score 2.4 · EPSS 0.00409
Exploits: 0

Positive Technologies
added 2018/07/24 12:00 a.m. · 6 views

PT-2018-2684 · Xen +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.17.12 Xen versions prior to 4.11.x Description: An issue in the Linux kernel and Xen hypervisor allows local users to cause a denial of service or possibly gain privileges. The xen failsafe callback entry poin...

CVSS 8.4 · AI score 7.6 · EPSS 0.16523
Exploits: 28 · References: 240

OpenVAS
added 2018/01/28 12:00 a.m. · 33 views

Debian: Security Advisory (DLA-964-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 6.6 · EPSS 0.0049
Exploits: 0 · References: 3

RedhatCVE
added 2017/05/12 6:48 a.m. · 32 views

CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

CVSS 8.8 · AI score 3.7 · EPSS 0.00424
Exploits: 0 · References: 2

UbuntuCve
added 2017/05/11 7:29 p.m. · 35 views

CVE-2017-8905

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215...

CVSS 8.8 · AI score 7.5 · EPSS 0.00424
Exploits: 0 · References: 2