Virtuozzo Hybrid Server 7.5 Update 6 Hotfix 3 (7.5.6-126)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 6 provides stability and usability bug fixes. Vulnerability id: PSBM-156725 Some virtual machines failed to start, and ‘libvirtd.service’ hung after the Virtuozzo Hybrid Server 7.5 Update 6 Hotfix 2 upgrade. Vulnerability id: PSBM-157279 Default...

Virtuozzo Hybrid Server 7.5 Update 3 Hotfix 3 (7.5.3-409)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 3 provides new features...

CVE-2020-22428

The provided data confirms a concrete vulnerability: SolarWinds Serv-U prior to version 15.1.6 Hotfix 3 is affected by Cross-Site Scripting (XSS) via a directory name entered by an administrator containing a JavaScript payload. Affected component: Serv-U FTP server; vulnerability arises from impr...

Product release: Virtuozzo Infrastructure Platform 3.0 Update 5 Hotfix 3 (3.0.5-72)

This update provides a fix for the 3.0 to 3.5 upgrade procedure. Vulnerability id: VSTOR-34105 Upgrade from version 3.0 to 3.5 may fail in some cases due to the absence of an internal product file...

Virtuozzo Hybrid Server 7.5 Update 1 Hotfix 3 (7.5.1-737)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 1 provides a stability and usability bug fix. Vulnerability id: PSBM-130586 VM disk resize functionality could stop working for non-root users after upgrading to version 7.5.1...

Product update: Virtuozzo 7.0 Update 13 Hotfix 3 (7.0.13-306)

The Hotfix 3 for Virtuozzo 7.0 Update 13 provides a stability and usability bug fix. Vulnerability id: VSTOR-32856, VSTOR-32857 Unreadable files may be created when using erasure coding during the upgrade from Update 12 to 13. Fix such files with the command 'vstorage -c -A set-attr -p...

Virtuozzo Hybrid Server 7.5 Hotfix 3 (7.5.0-610)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 provides stability and usability bug fixes. Vulnerability id: PSBM-124766 VM's filesystem could remain frozen and non-working after backup. Vulnerability id: PSBM-125260 EZ templates are now installed and their post-install scripts are now run in the...

Product update: Virtuozzo 7.0 Update 12 Hotfix 3 (7.0.12-361)

The Hotfix 3 for Virtuozzo 7.0 Update 12 provides stability and usability bug fixes. Vulnerability id: PSBM-100126 Ploop is corrupted after node reboot repair image outgrows device size. Vulnerability id: PSBM-101150 vzstat does not show actual IO and IOPS load and limits. Vulnerability id:...

Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)

The Hotfix 3 for Virtuozzo 7.0 Update 7 provides security and stability fixes. Vulnerability id: CVE-2018-1087 A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

Product update: Virtuozzo 7.0 Update 5 Hotfix 3 (7.0.5-646)

The Hotfix 3 for Virtuozzo 7.0 Update 5 provides security and stability bug fixes. Vulnerability id: CVE-2017-13672, PSBM-72398 QEMU aka Quick Emulator, when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEM...

SolarWinds Log and Event Manager < 6.3.1 Hotfix 3 Jailbreak and Privilege Escalation

According to its self-reported version number, the SolarWinds Log and Event Manager installed on the remote host is prior to version 6.3.1 Hotfix 3. It is, therefore, affected by multiple vulnerabilities : - Due to the program setting insecure permissions for management scripts, a remote attacker...

SolarWinds Log and Event Manager (LEM) < 6.3.1 Hotfix 3 SSH Jailbreak and Privilege Escalation Vulnerabilities

SolarWinds Log and Event Manager LEM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Product update: Virtuozzo 7.0 Update 3 Hotfix 3 (7.0.3-641)

The new packages for Virtuozzo 7.0.3 introducing usability fixes and compatibility with Packet. Vulnerability id: PSBM-62644 Route of container with a host-routed interface was not cleared on source host after migration. Vulnerability id: PSBM-59017 Allowed access to '/dev/kmsg' inside containers...

Product security update: Virtuozzo Automator 6.1 Update 2 Hotfix 3

The new packages for Virtuozzo Automator 6.1 introducing a new feature, a security fix, and usability bug fixes for VA Agent for Linux. Vulnerability id: PVA-27270 In cases when multiple containers were processed in a single task by external tools like 'vzabackup', Power Panel of any container...

Autodesk Design Review < 2013 Hotfix 3 Multiple RCE

The version of Autodesk Design Review installed on the remote Windows host is prior to 2013 Hotfix 3. It is, therefore, affected by the following vulnerabilities : - A buffer overflow condition exists when handling FLI files due to improper validation of user-supplied input. An unauthenticated,...

BMC Track-It! < 11.4 Hotfix 3 (11.4.0.440) Multiple Vulnerabilities

BMC Track-It! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:bmc:track-it%21"; if...

NetIQ Access Manager 4.0 < 4.0 SP1 Hotfix 3 Multiple Vulnerabilities

The remote host is running a version of NetIQ Access Manager 4.0 without service pack 1 hotfix 3. It is, therefore, affected by the following vulnerabilities : - An XML Entity Injection XXE flaw exists in the 'query' parameter of the webacc servlet that can allow an authenticated user to view the...

F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29574/info F5 FirePass SSL VPN is prone to multiple cross-site request-forgery vulnerabilities because it fails to adequately sanitize user-supplied input. Exploiting these issues may allow a remote attacker to execute...

CVE-2014-3138

SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATHINFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of the...

F5 FirePass 1200 SNMP daemon DoS

F5 FirePass 1200 SNMP daemon DoS Product: F5 FirePass 1200 http://www.f5.com/products/firepass/ The F5 FirePass 1200 SSL VPN appliance contains a denial-of-service vulnerability in the SNMP daemon. Traversing walking OID branch hrSWInstalled in HOST-RESOURCES-MIB OID 1.3.6.1.2.1.25.6 will cause t...