893 matches found
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2020-4276)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...
Xen Denial of Service Vulnerability (XSA-304)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to an incorrect fix for CVE-2017-15595 which incorrectly drops some linearptentry counts. A local, attacker could exploit this issue, by making loops...
CVE-2013-2213
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:0334-1)
This update for xen fixes the following issues : CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host bsc1161181. CVE-2019-19579: Device quarantine for alternate pci assignment methods bsc1157888. CVE-2019-19581: findnextbit issues bsc1158003...
Linear eMerge Command Injection (CVE-2019-7256)
A command injection vulnerability exists in Linear eMerge E3-series devices. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands on the affected system...
VulnCheck KEV: CVE-2019-7256
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution...
CVE-2019-20090
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp...
Xen Denial of Service Vulnerability (CNVD-2020-07292)
Xen is an open source virtual machine monitor product. A denial of service vulnerability exists in Xen 4.12. and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via a concatenated chain of linear page tables...
DEBIAN-CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
ALPINE-CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
UBUNTU-CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
CVE-2019-19578
CVE-2019-19578 affects the Xen hypervisor on x86 with PV guests that use linear pagetables. The issue stems from an incorrect reset of the linear-pagetable counters during validation, enabling degenerate chains of linear pagetables that can form loops. Exploitation could lead to host Denial of Se...
CVE-2019-19578
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to...
Linear pagetable use / entry miscounts
ISSUE DESCRIPTION "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level i.e., L...
Linear eMerge E3 1.00-06 - Remote Code Execution
Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a Advisory:...
Linear eMerge E3 1.00-06 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a Advisor...