754 matches found
The vulnerability of the VFIO PCI kernel driver for Linux operating systems, related to insufficient handling of exceptional conditions, allows a hacker to trigger a service failure.
The vulnerability of the VFIO PCI kernel driver in the Linux operating system is related to insufficient handling of exceptional conditions. Exploiting this vulnerability can allow an attacker to cause a service failure...
Moderate: Red Hat Security Advisory: Red Hat AMQ Interconnect 1.9.0 release and security update
Red Hat AMQ Interconnect 1.9.0 release packages are available for A-MQ Interconnect on RHEL 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
...
UBUNTU-CVE-2020-25742
pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer...
DEBIAN-CVE-2020-25595
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...
ALPINE-CVE-2020-25595
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...
UBUNTU-CVE-2020-25595
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
...
Logic flaw vulnerability in Bee.com Internet Enterprise Router
Founded in October 2016, Chengdu ZhiBee.com Technology Limited Liability Company is an emerging high-tech company integrating research and development, production and sales. A logic flaw vulnerability exists in the BeeNet Interconnect Enterprise Router, which can be exploited by attackers to obta...
PT-2020-5392 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.13 Description: The issue is related to the VFIO PCI driver in the Linux kernel, which mishandles attempts to access disabled memory space. This can be exploited to cause a denial of service. Recommendations:...
Cisco Unified Computing System Fabric Interconnect Root Privilege Escalation (cisco-sa-20190828-ucs-privescalation)
According to its self-reported version, Cisco NX-OS Software on Cisco Unified Computing System Fabric Interconnects is affected by a vulnerability in a specific CLI command within the local management local-mgmt context due to extraneous subcommand options. An authenticated, local attacker can...
UBUNTU-CVE-2019-18806
A memory leak in the qlalloclargebuffers function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service memory consumption by triggering pcidmamappingerror failures, aka CID-1acb8f2a7a9f...
CVE-2019-1966
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
CVE-2019-1966
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
Command injection
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
CVE-2019-1966
Cisco UCS Fabric Interconnect vulnerability (CVE-2019-1966) allows local privilege escalation via the local-mgmt CLI. The issue arises from extraneous subcommand options on a specific command, enabling an authenticated, local attacker with valid credentials to execute arbitrary OS commands as roo...
CVE-2019-1966 Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
CVE-2019-1966 Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
Critical Cisco VM Bug Allows Remote Takeover of Routers
A critical remote authentication-bypass vulnerability – with the highest possible severity level of 10 out of 10 on the CvSS scale – has been found in the Cisco REST API virtual service container for Cisco IOS XE Software. The bug CVE-2019-12643 affects the following hardware if running the REST...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...