Corel Parallels Desktop 缓冲区错误漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A buffer error vulnerability exists in Corel Parallels Desktop. Exploitation of this vulnerability allows a local administrator to elevate privileges and execute arbitrary code in the system...

(Pwn2Own) Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...

(Pwn2Own) Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

Hotfix XS82E030 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| Restart Host Content live patchable| Yes Baselines for Live Patch| XS82E024 Revision History| Published on J...

Citrix Provisioning Services - Machine Creation Fails While Running The PVS CVAD Setup Wizard

The PVS CVAD Setup Wizard fails to create new virtual machines when running on a VMware Hypervisor. vCenter displays an error when the CVAD Setup Wizard fails to complete its task similar to the following: Unable to find device or file /Failed to clone a VM, error: Invalid configuration for devic...

Oracle VirtualBox NAT Numeric Truncation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

The vulnerability of the virtualization paravirtualization mode implementation in Xen hypervisors allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the PV mode implementation in Xen hypervisors relates to the use of the Indirect Branch Restricted Speculation IBRS mechanism for indirect branch control. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Xen: Multiple vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

Citrix Hypervisor Open Source Licensing and Attribution

The Citrix Hypervisor product is a compilation of software packages. Each package is governed by its own license. The complete licensing terms applicable to a given package can be found in the source RPM of the package, unless the package is covered by a proprietary license which does not permit...

ACRN Buffer Overflow Vulnerability

ACRN is an open source project released by the Linux Foundation, a hypervisor designed for IoT and embedded devices. An irteallocbitmap buffer overflow vulnerability exists in dmarfreeirte in hypervisor/arch/x86/vtd.c in versions prior to ACRN 2.5. No detailed vulnerability details are provided a...

ACRN Null Pointer Dereference Vulnerability (CNVD-2021-49151)

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A null pointer dereference vulnerability exists in devicemodel/hw/pci/xhci.c in versions prior to ACRN 2.5. No details of the vulnerability are provided at this time...

ACRN Reuse After Release Vulnerability

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. Device Model in ACRN suffers from a devicemodel/core/mem.c post-release reuse vulnerability. No details of the vulnerability are available at this time...

CVE-2021-36146

ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer...

CVE-2021-36147

An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtionet.c virtionetpingrxq NULL pointer dereference for vq-used...

CVE-2021-36148

An issue was discovered in ACRN before 2.5. dmarfreeirte in hypervisor/arch/x86/vtd.c allows an irteallocbitmap buffer overflow...

Buffer overflow

An issue was discovered in ACRN before 2.5. dmarfreeirte in hypervisor/arch/x86/vtd.c allows an irteallocbitmap buffer overflow...

CVE-2021-36148

An issue was discovered in ACRN before 2.5. dmarfreeirte in hypervisor/arch/x86/vtd.c allows an irteallocbitmap buffer overflow...

ACRN 代码问题漏洞

ACRN is an open source project released by the Linux Foundation, a hypervisor designed for IoT and embedded devices. A null pointer dereference vulnerability exists in virtionetpingrxq in devicemodel/hw/pci/virtio/virtionet.c in versions prior to ACRN 2.5. No details of the vulnerability are...

ACRN 安全漏洞

ACRN is an open source project released by the Linux Foundation, a hypervisor designed for IoT and embedded devices. An irteallocbitmap buffer overflow vulnerability exists in dmarfreeirte in hypervisor/arch/x86/vtd.c in versions prior to ACRN 2.5. No detailed vulnerability details are provided a...

ACRN 资源管理错误漏洞

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A post-release reuse vulnerability exists in the polling timer handler in ACRN related to devicemodel/hw/pci/virtio/.c. The vulnerability is not known. No detailed...