Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - Apache - ATS - Certificate Trust Policy - CFNetwork HTTPProtocol - CFNetwork Session - CFURL - CoreAnimation -...

Apple Mac OS X hypervisor framework input validation vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. An input validation vulnerability in the Apple Mac OS X hypervisor framework allows local attackers to conduct denial of service attacks...

RedHat Update for kernel RHSA-2015:0783-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 5 : kernel (CESA-2015:0783)

Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CentOS Update for kernel CESA-2015:0783 centos5

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882159";...

kernel security update

CentOS Errata and Security Advisory CESA-2015:0783 Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

xen: Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor (xsa112)

An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the "REP MOVS" instructions. A privileged HVM guest user could potentially use this flaw to crash the host...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

KLA10530 JRE update for multiple VMware products

Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...

DEBIAN-CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...

DEBIAN-CVE-2015-2751

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service host lock via unspecified domctl operations...

UBUNTU-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

CentOS 7 : kernel (CESA-2015:0726)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

UBUNTU-CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...

Scientific Linux Security Update : virt-who on SL7.x (noarch) (20150305)

It was discovered that the /etc/sysconfig/virt-who configuration file, which may contain hypervisor authentication credentials, was world- readable. A local user could use this flaw to obtain authentication credentials from this file. CVE-2014-0189 The virt-who package has been upgraded to upstre...

Fedora 21 : xen-4.4.1-16.fc21 (2015-3944)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 enable building pngs from fig files which is working again, fix oxenstored.service preset...

Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)

HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version information hypercall Note that Tenable...

SuSE 11.3 Security Update : util-linux (SAT Patch Number 10452)

util-linux has been updated to fix one security issue : - command injection flaw in blkid bnc907434. Additionally, these non-security issues have been fixed :. CVE-2014-9114 - Fix possible script hang. bnc888678 - Enable build of libmount / findmnt. bnc900965 - Don't stop trying filesystem when...

[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Fedora 22 : xen-4.5.0-6.fc22 (2015-3935)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version...