Oracle VirtualBox Shader Bytecode Type Confusion Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system relates to operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

VMSA-2020-0023 : VMware ESXi, Workstation, Fusion and NSX-T updates address multiple security vulnerabilities

a. ESXi OpenSLP remote code execution vulnerability CVE-2020-3992 OpenSLP as used in ESXi has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remo...

CVE-2020-3995

In VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x before 15.1.0, Fusion 11.x before 11.1.0, the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigg...

CVE-2020-3995

In VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x before 15.1.0, Fusion 11.x before 11.1.0, the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigg...

CVE-2020-3995

In VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x before 15.1.0, Fusion 11.x before 11.1.0, the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigg...

CVE-2020-3995

CVE-2020-3995: VMware VMCI host driver memory leak in ESXi/Workstation/Fusion (affected versions listed in VMware advisories) can permit a VM-guest attacker with access to trigger memory leakage, potentially exhausting hypervisor memory during sustained attacks. Concrete details across sources sh...

VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

PT-2020-4727 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions up to 5.9.1 Xen versions up to 4.14.x Description: An issue in the Linux kernel allows guest OS users to cause a denial of service, resulting in a host OS hang, by sending a high rate of events to dom0. This issue is...

Xen x86 PV guest kernels DoS (XSA-339)

A denial of service DoS vulnerability exists in Xen servers when using x86 PV guest kernels due to a mishandling of SYSENTER state sanitization activities. An authenticated, local attacker can exploit this issue, via the SYSENTER instruction in 64bit mode, to cause a VM Denial of Service. Note th...

Xen evtchn_reset() race conditions privelege escalation (XSA-339)

A privilege escalation vulnerability exists in EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftreset due to a race condition present in evtchnreset. An authenticated, local attacker can exploit this, via a violation of various internal assumptions, to gain elevate their privilege t...

CVE-2020-27152

A stack overflow flaw via an infinite loop condition issue was found in the KVM hypervisor of the Linux kernel. This flaw occurs while processing interrupts because the IRQ state is erroneously set. This flaw allows a guest user to crash the host kernel, resulting in a denial of service. The...

Fedora: Security Advisory for xen (FEDORA-2020-d46fe34349)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: xen-4.12.3-5.fc31

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] [DSA 4769-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4769-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 02, 2020 https://www.debian.org/security/faq -...

Fedora: Security Advisory for xen (FEDORA-2020-f668e579be)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...