The vulnerability of the XENMEM_exchange component in Xen hypervisors allows a hacker to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.

The vulnerability of the XENMEMexchange component in Xen hypervisors is related to the simultaneous execution using a shared resource with incorrect synchronization. Exploiting this vulnerability allows an attacker to gain unauthorized access to confidential data, cause service failures, and...

The vulnerability of Xen hypervisors relates to the lack of a mechanism for verifying input data. This allows attackers to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.

The vulnerability of Xen hypervisors is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to gain unauthorized access to confidential data, cause service failures, and compromise data integrity...

The vulnerability of Xen hypervisors relates to the lack of a mechanism for checking input data, allowing attackers to trigger a service failure.

The vulnerability of Xen hypervisors is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to cause service failures...

The vulnerability of comparison and exchange operations involving Xen hypervisors allows a perpetrator to trigger a service failure.

The vulnerability of comparison and exchange operations in Xen hypervisors is related to the infinite operation of the loop. Exploiting this vulnerability allows an attacker to cause service failures...

[SECURITY] Fedora 32 Update: xen-4.13.0-7.fc32

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Xen Bad error path in GNTTABOP_map_grant DoS (XSA-316)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to return 1...

Amazon Linux AMI : kernel (ALAS-2020-1360)

The version of kernel installed on the remote host is prior to 4.14.173-106.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1360 advisory. 2023-11-29: CVE-2020-27418 was added to this advisory. A stack buffer overflow issue was found in the getrawsocket...

Medium: kernel

Issue Overview: A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to...

The vulnerability of the libxl function in Xen hypervisors allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the libxl function in Xen hypervisors is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Oracle VirtualBox vmsvga3dSetLightData Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

Oracle VirtualBox xHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...

Oracle VirtualBox xHCI Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...

Oracle VirtualBox SLiRP Networking Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of NAT. The issue results from the lack of proper validation of...

Oracle VirtualBox VBoxVGA VBoxVHWASurfaceBase Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VBoxVGA...

Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle VirtualBox Virtual USB Numeric Truncation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtual...

Oracle VirtualBox shader_glsl_get_register_name Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle VirtualBox vmsvgaR3FifoUpdateCursor Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1396)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

April 2020 Patch Tuesday – 113 Vulns, 19 Critical, Zero-Day Patches, SharePoint, Adobe ColdFusion

This month’s Microsoft Patch Tuesday addresses 113 vulnerabilities with 19 of them labeled as Critical. The 19 Critical vulnerabilities cover Adobe Font Manager Library 0-day, SharePoint, Hyper-V, Scripting Engines, Media Foundation, Microsoft Graphics, Windows Codecs, and Dynamics Business...