CVE-2017-2418

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors...

CVE-2017-2418

CVE-2017-2418 concerns macOS before 10.12.4 where the Hypervisor framework could allow a guest OS user to read the CR8 control register from host/guest context via unspecified vectors. Connected documents confirm the affected product family and root cause: information leakage in Hypervisor state ...

Mac OS X 10.x < 10.12.4 Multiple Vulnerabilities

Binary data 700032.prm...

macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy)

The remote host is running a version of macOS that is 10.12.x prior to 10.12.4. It is, therefore, affected by multiple vulnerabilities in multiple components, some of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these remote code execution...

(Pwn2Own) VMware Workstation Uninitialized Memory Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

(Pwn2Own) VMware Workstation SVGA Uninitialized Memory Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

[SECURITY] Fedora 25 Update: xen-4.7.2-2.fc25

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 24 Update: xen-4.6.4-8.fc24

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

RHEL 6 : qemu-kvm-rhev (RHSA-2017:0344)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0344 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

[SECURITY] Fedora 25 Update: xen-4.7.1-9.fc25

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

UBUNTU-CVE-2016-9818

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host crash via vectors involving an asynchronous abort while at HYP...

ALPINE-CVE-2016-9815

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host panic by sending an asynchronous abort...

ALPINE-CVE-2016-9818

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host crash via vectors involving an asynchronous abort while at HYP...

DEBIAN-CVE-2016-9818

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host crash via vectors involving an asynchronous abort while at HYP...

ALPINE-CVE-2016-9816

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host crash via vectors involving an asynchronous abort while at EL2...

Xen Denial of Service Vulnerability (CNVD-2017-02502)

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A denial of service vulnerability exists in Xen. An attacker could exploit this vulnerability to cause a hypervisor crash, resulting in a denial of service...

[SECURITY] Fedora 24 Update: xen-4.6.4-7.fc24

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...