166 matches found
OpenStack Nova Directory traversal vulnerability
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
GHSA-M454-CM7H-RQHH OpenStack Nova Directory traversal vulnerability
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Group Targets ESXi Hypervisors With its Linux Variant By Marc Elias, Jambul Tologonov and Alexandre Mundo · Apr 20, 2022 Despite the leak of the conversations of the Conti members that happened in March 2022, which we analyzed and published recently, the group seems to continue its operatio...
Conti Group Targets ESXi Hypervisors With its Linux Variant
Conti Group Targets ESXi Hypervisors With its Linux Variant By Marc Elias, Jambul Tologonov and Alexandre Mundo · Apr 20, 2022 Despite the leak of the conversations of the Conti members that happened in March 2022, which we analyzed and published recently, the group seems to continue its operatio...
The vulnerability of Xen hypervisors, related to improper authorization, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Xen hypervisors is related to improper authorization. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of the XENMAPSPACE_grant_table function in Xen hypervisors allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the XENMAPSPACEgranttable function in Xen hypervisors is related to insecure management of privileges. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service interruptions...
VMware ESXi Servers Encrypted by Lightning-Fast Python Script
Researchers have discovered a new Python ransomware from an unnamed gang that’s striking ESXi servers and virtual machines VMs with what they called “sniper-like” speed. Sophos said on Tuesday that the ransomware is being used to compromise and encrypt VMs hosted on an ESXi hypervisor in operatio...
The vulnerability of Xen hypervisors on Arm, related to information disclosure, allows attackers to gain access to confidential data.
The vulnerability of Xen hypervisors on ARM is related to the lack of cleaning of loading modules. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
Fedora: Security Advisory for libslirp (FEDORA-2021-71de23bedd)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0438-1)
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3348: Fixed a use-after-free in nbdaddsocket that could be triggered by local attackers with access to the nbd device via an I/O request at a certain point...
awesome-virtualization
This is a collection of resources about virtualization, not an exploit or offensive tool. It is a curated list of awesome resources about virtualization, including documentation, books, courses, papers, research projects, and more. The repository includes information on mainstream hypervisors,...
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0108-1)
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver bsc1180559. CVE-2020-27825: Fixed a race in the traceopen and buffer resi...
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...
Design/Logic Flaw
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...
Fedora: Security Advisory for libslirp (FEDORA-2020-77f93f41be)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...