754 matches found
The vulnerability of the command-line interface (CLI) of Cisco NX-OS and Cisco FXOS routers of Cisco UCS Fabric Interconnect allows a attacker to execute arbitrary code.
The vulnerability of the command-line interface CLI of Cisco NX-OS and Cisco FXOS router operating systems from Cisco UCS Fabric Interconnect is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges on the...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4mbclearbb CVE-2022-50021 A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. T...
kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...
kernel: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dwpcieepinit errors If dwpcieepinit fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory...
kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...
CVE-2023-28089
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...
CVE-2023-28089
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...
Code injection
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...
CVE-2023-28089
CVE-2023-28089 affects HPE OneView appliances. Affected component: the OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules. Root cause details are not provided in the supplied documents. Impact stated: exposure of FTP credentials; CVSS metrics indicate high confidenti...
CVE-2023-28089
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...
CVE-2023-28089
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...
PT-2023-21548 · Hewlett Packard · Hpe Oneview
Name of the Vulnerable Software and Affected Versions: HPE OneView affected versions not specified Description: The issue concerns an HPE OneView appliance dump that may expose FTP credentials for c7000 Interconnect Modules. Recommendations: At the moment, there is no information about a newer...
Hewlett Packard Enterprise OneView 安全漏洞
Hewlett Packard Enterprise OneView is a software from Hewlett Packard Enterprise that facilitates automated device management for IT departments. A security vulnerability exists in Hewlett Packard Enterprise OneView prior to version 8.2, which stems from a device dump that could expose the FTP...
Fedora: Security Advisory for glusterfs (FEDORA-2023-5a54eea360)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: glusterfs-10.4-1.fc37
GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over TCP/IP interconnect into one large parallel network filesystem. GlusterFS is one of the most sophisticated file systems in terms of features and extensibility. It borrows a...
Cisco UCS Fabric Interconnects Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)
According to its self-reported version, Cisco Unified Computing System UCS Fabric Interconnect is affected by a command injection vulnerability. Due to insufficient input validation of commands supplied by the user, an authenticated attacker can execute unauthorized commands within the CLI. On...
CVE-2023-20012
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...
Authentication flaw
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...
SUSE CVE-2011-4347
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
SUSE CVE-2013-3495
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...