Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Process Server (WPS) and WPS Hypervisor editions (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” attack for SSL/TLS affects IBM WebSphere Application Server that is used by WebSphere Process Server WPS and WPS Hypervisor editions. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow ...

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Process Server (Java CPU July 2015)

Summary WebSphere Application Server is shipped as a component of WebSphere Process Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin:...

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with WebSphere Process Server (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary WebSphere Application Server WAS is shipped as a component of WebSphere Process Server. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. These issues were disclosed as part of the IBM Java SDK updates in January...

Citrix Hypervisor Security Bulletin for CVE-2020-35498

An issue has been identified in Citrix Hypervisor 8.2 LTSR CU1 Hotfix XS82ECU1008 only that may allow malicious network traffic to cause subsequent packets to be dropped. This issue has the following identifier: CVE ID| Description| Type| Pre-requisites ---|---|---|--- CVE-2020-35498| Malicious...

CVE-2022-36067

A flaw was found in the vm2 sandbox when running untrusted code, as the sandbox setup does not manage proper exception handling. This flaw allows an attacker to bypass the sandbox protections and gain remote code execution on the hypervisor host or the host which is running the sandbox. Mitigatio...

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

USN-5594-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

The vulnerability of the SCSIFRONT driver in the PV command of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the PV driver of the Xen hypervisor is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the hvc_xen component (console) of the Xen hypervisor allows a attacker to cause a service failure.

The vulnerability of the hvcxen component console of the Xen hypervisor is related to an uncontrolled resource consumption. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Xen supervisor tool, caused by synchronization errors when using a shared resource, allows a malicious actor to trigger a service failure.

The vulnerability of the PV virtualization mode implementation in Xen hypervisors arises due to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the blkfront component in the Xen hypervisor allows a attacker to trigger a service failure.

The vulnerability of the blkfront component in the Xen hypervisor is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Ubuntu: Security Advisory (USN-4163-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4303-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4254-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Driver Disk for Qlogic fastlinq 8.70.10.0 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers on Dell hardware running the Citrix Hypervisor 8.2 LTSR release who use Qlogic's fastlinq driver and wish to use the latest version of the following: Driver Module| Version ---|--- qed| 8.70.10.0 qede| 8.70.10.0 qedf| 8.70.10.0 qedi| 8.70.10.0 qedr|...

(0Day) (Pwn2Own) Oracle VirtualBox SLIRP sosendoob Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

The vulnerability of the netfront component in the Xen hypervisor allows a attacker to trigger a service failure.

The vulnerability of the netfront component in the Xen hypervisor is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the gntalloc driver of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the gntalloc driver in Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow attackers to cause service failures...