EUVD-2021-15370

Malware in sbrugna...

EUVD-2021-15372

Malware in sbrugna...

Xen hypercall page unsafe against speculative attacks

ISSUE DESCRIPTION Xen guests need to use different processor instructions to make explicit calls into the Xen hypervisor depending on guest type and/or CPU vendor. In order to hide those differences, the hypervisor can fill a hypercall page with the needed instruction sequences, allowing the gues...

Vulnerabilities fixed in Xen

Xen has released updates to fix vulnerabilities in its hypervisor. Under specific circumstances, a virtualized system "guest" exploit the vulnerabilities to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Increased...

MGASA-2015-0415 Updated virtualbox packages fix security vulnerabilities

A vulnerability in the Oracle VM VirtualBox component prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32 and 5.0.8. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash...

SSI & CSS execution in E-Guest (1.1) & ZAP Book (v1.0.3)

DownBload Security Research Lab Advisory ------------------------------------------------------------------------- Advisory name: SSI & CSS execution in E-Guest 1.1 & ZAP Book v1.0.3 Advisory number: 6 Application: E-Guest 1.1 & ZAP Book v1.0.3 CGI scripts --- E-Guest Author: Leung Eric E-mail:...