Xen 权限许可和访问控制问题漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen suffers from a permissions licensing and...

PT-2021-7400 · Qualcomm · Qualcomm Snapdragon Industrial Iot +3

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile affected versions not specified Description: The issue is related to improper handling of concurrent hypervisor operations to attach or detach...

PT-2021-5059 · Xen · Xen

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to the implementation of Intel Virtualization Technology for Directed I/O VT-d in the Xen hypervisor on Intel x86 architecture computers. It involves incorrect handling of...

CVE-2021-1921

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

Memory corruption

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-1921

CVE-2021-1921 describes memory corruption due to improper handling of hypervisor unmap operations for concurrent memory operations in Qualcomm Snapdragon families (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile). Connected sources confirm this vulnerability across Qualcomm closed‑so...

CVE-2021-1921

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

Microsoft Hyper-V Denial of Service Vulnerability

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A denial of service vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to cause the target system to stop responding...

Corel Parallels Desktop 权限许可和访问控制问题漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A privilege-granting and access control issue vulnerability exists in Corel Parallels Desktop that stems from a lack of proper validation of the length of user-supplied data before copying it ...

Security update for libvirt (moderate)

openSUSE Security Update: Security update for libvirt Announcement ID: openSUSE-SU-2021:3619-1 Rating: moderate References: 1177902 1183247 1186398 1190420 1190493 1190693 1190695 1190917 Affected Products: openSUSE Leap 15.3 An update that contains security fixes can now be installed. Descriptio...

How to manage unexpected volumes of logging in Citrix Hypervisor

In Citrix Hypervisor, the log partition can sometimes fill up with excessive logs. This article lists some ways to configure logging to decreasethe volume oflogs...

Xen / TSX Async Abort protections not restored after S3 (XSA-377)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability as x86: TSX Async Abort protections not restored after S3. This issue relates to the TSX Async Abort speculative security vulnerability. Please see...

多款Qualcomm产品安全漏洞

The Qualcomm QCA6574AU and others are products of Qualcomm Incorporated, U.S.A. The QCA6574AU is a central processing unit CPU product.The SDX24 is a modem.The SDX55 is a modem.The QCA6574AU is a central processing unit CPU product.The SDX24 is a modem.The SDX55 is a modem. A security vulnerabili...

Hotfix XS82E034 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| Restart Host Content live patchable| Yes Baselines for Live Patch| XS82E024, XS82E030 Revision History|...

CVE-2021-34854

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2021-34855

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

CVE-2021-34864

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2021-34857

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-34856

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-34854

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...