Lucene search
K

166 matches found

RedhatCVE
RedhatCVE
added 2020/11/23 8:51 p.m.46 views

CVE-2020-27777

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...

7.2CVSS1.6AI score0.00501EPSS
Exploits1References6
Prion
Prion
added 2020/10/20 5:15 p.m.21 views

Memory corruption

In VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x before 15.1.0, Fusion 11.x before 11.1.0, the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigg...

3.5CVSS6.1AI score0.01097EPSS
Exploits0References1Affected Software4
Fedora
Fedora
added 2020/07/15 1:20 a.m.53 views

[SECURITY] Fedora 32 Update: libslirp-4.3.1-1.fc32

A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...

6.5CVSS2.2AI score0.0051EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/05/11 12:0 a.m.44 views

Fedora: Security Advisory for libslirp (FEDORA-2020-1608d52724)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6AI score0.02293EPSS
Exploits1References2
Fedora
Fedora
added 2020/05/09 4:12 a.m.47 views

[SECURITY] Fedora 31 Update: libslirp-4.1.0-2.fc31

A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...

7.5CVSS2.2AI score0.02293EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/05/02 12:0 a.m.34 views

Fedora: Security Advisory for libslirp (FEDORA-2020-30c45be10c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6AI score0.02293EPSS
Exploits1References2
Fedora
Fedora
added 2020/05/01 12:37 a.m.56 views

[SECURITY] Fedora 32 Update: libslirp-4.2.0-2.fc32

A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...

7.5CVSS2.2AI score0.02293EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.6 views

The vulnerability of Xen hypervisors arises from synchronization errors when using shared resources, allowing a malicious actor to cause service failures or increase their privileges.

The vulnerability of Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures or increase their privileges by adding a device with persistent communication capabilities...

7.8CVSS6.8AI score0.00259EPSS
Exploits0References7Affected Software10
BDU FSTEC
BDU FSTEC
added 2020/04/13 12:0 a.m.6 views

The vulnerability of Xen hypervisors relates to insufficient validation of input data. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors is related to the limited support for linear tables: a page can either point to itself or to another table at the same level. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service...

8.8CVSS6.7AI score0.0039EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/13 12:0 a.m.6 views

The vulnerability of Xen hypervisors arises from the simultaneous execution using a shared resource with incorrect synchronization. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors relates to the simultaneous use of common resources. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

8.5CVSS6.8AI score0.01187EPSS
Exploits0References9Affected Software5
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.41 views

F5 Networks BIG-IP : vCMP vulnerability (K05765031)

vCMP hypervisors incorrectly expose the plaintext unit key for their vCMP guests on the file system.CVE-2019-6670 Impact An attacker may use this vulnerability to extract the master key of vCMP guests. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

4.4CVSS5.2AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2019/11/27 10:15 p.m.25 views

CVE-2019-6670

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem...

4.4CVSS4.8AI score0.00207EPSS
Exploits0References1
Prion
Prion
added 2019/11/27 10:15 p.m.21 views

Design/Logic Flaw

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem...

2.1CVSS4.9AI score0.00207EPSS
Exploits0References1Affected Software13
Tenable Nessus
Tenable Nessus
added 2019/11/14 12:0 a.m.15 views

Debian DSA-4566-1 : qemu - security update

This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors cf. DSA 4564-1. C Tenable Network Security, Inc...

5.5AI score
Exploits0References4
Debian
Debian
added 2019/11/12 10:10 p.m.15 views

[SECURITY] [DSA 4566-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4566-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 12, 2019 https://www.debian.org/security/faq -...

2.1AI score
Exploits0
OpenVAS
OpenVAS
added 2019/08/12 12:0 a.m.54 views

Fedora Update for libslirp FEDORA-2019-77bafc4454

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.2AI score0.16658EPSS
Exploits3References2
Fedora
Fedora
added 2019/08/11 1:14 a.m.64 views

[SECURITY] Fedora 30 Update: libslirp-4.0.0-2.fc30

A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...

8.8CVSS2.2AI score0.16658EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.5 views

The vulnerability in the implementation of 3D-acceleration functions for hypervisors such as VMware ESXi, VMware Fusion, and Vmware Workstation allows a attacker to cause service failures.

The vulnerability of the 3D-acceleration function implementation in VMware ESXi, VMware Fusion, and Vmware Workstation relates to uncontrolled resource consumption. Exploiting this vulnerability can allow attackers to cause service failures...

6.5CVSS5.5AI score0.00426EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.6 views

The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation lies in synchronization errors when using shared resources (“Race Conditions”), allowing a attacker to execute arbitrary code.

The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation hypervisors is related to synchronization errors when using shared resources. Exploiting this vulnerability allows an attacker to execute arbitrary code by using a virtual USB controller...

7.2CVSS6AI score0.01004EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/27 6:55 p.m.36 views

Security Bulletin: Speculative Store Bypass (SSB) vulnerability also known as SpectreNG or Variant 4 affects IBM Spectrum Protect Plus (CVE-2018-3639)

Summary IBM Spectrum Protect Plus may be affected by the Speculative Storage Bypass SSB vulnerability which is also known as SpetreNG or Variant 4. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by...

5.5CVSS1AI score0.60631EPSS
Exploits2Affected Software1
Rows per page
Query Builder