51 matches found
CVE-2021-1800
CVE-2021-1800 is tied to Apple Xcode 12.4. The vulnerability is a path handling issue in on-demand resources that could allow a malicious app to access arbitrary host files when using Xcode. Apple fixed this by improving path validation in Xcode 12.4. The cited sources (Apple advisory HT212153 an...
Important: Red Hat Security Advisory: virt:8.2 and virt-devel:8.2 security update
An update for the virt:8.2 and virt-devel:8.2 modules is now available for Advanced Virtualization for RHEL 8.2.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:0743)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0743 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat...
virt:ol and virt-devel:rhel security update
qemu-kvm 4.2.0-34.el83.4 - kvm-virtiofsd-extract-lodoopen-from-loopen.patch bz1919109 - kvm-virtiofsd-optionally-return-inode-pointer-from-lodo.patch bz1919109 - kvm-virtiofsd-prevent-opening-of-special-files-CVE-2020-.patch bz1919109 - Resolves: bz1919109 CVE-2020-35517 virt:rhel/qemu-kvm: QEMU:...
virt:rhel and virt-devel:rhel security update
An update is available for libnbd, nbdkit, libguestfs-winsupport, supermin, libiscsi, hivex, netcf, perl-Sys-Virt, seabios, sgabios, libvirt-dbus, libvirt-python. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Apple Xcode has an unspecified vulnerability
Apple Xcode is an integrated development environment provided by Apple for developers to develop applications for Mac OS X and iOS. Apple Xcode 12.4 contains a security vulnerability that could be exploited by attackers to access arbitrary files on the host device...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
Apple Xcode 安全漏洞
Apple Xcode is an integrated development environment provided by Apple for developers to develop applications for Mac OS X and iOS. Apple Xcode 12.4 contains a security vulnerability that could be exploited by attackers to access arbitrary files on the host device...
Blaauw Remote Kiln Control Path Traversal Vulnerability (CNVD-2020-28490)
The Blaauw Remote Kiln Control is an automated ceramic kiln controller from Blaauw in the Netherlands. A path traversal vulnerability exists in Blaauw Remote Kiln Control. An attacker could use this vulnerability to download arbitrary files from the host device...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20150311)
It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...