EUVD-2017-2558

Malware in sbrugna...

PT-2022-2299 · Cisco · Cisco Iox +1

Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: The issue exists due to incorrect restriction of the directory path name with limited access. An attacker could inject arbitrary commands into the underlying host operating system, execut...

CVE-2021-41569

SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library included by default in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro...

CVE-2017-10918

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222...

CVE-2017-10921

The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAPdevicemap and GNTMAPhostmap mapping, which allows guest OS users to cause a denial of service count mismanagement and memory corruption or obtain privileged host OS access, aka XSA-224 bug 2...

CVE-2010-2238

Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors...

CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004...