Lucene search
K

5122 matches found

OSV
OSV
added 2017/10/18 8:29 a.m.2 views

UBUNTU-CVE-2017-15590

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...

8.8CVSS7.3AI score0.0041EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/10/18 8:0 a.m.24 views

CVE-2017-15590

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...

7AI score0.0041EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2017/10/18 8:0 a.m.36 views

CVE-2017-15590

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...

8.8CVSS8.1AI score0.0041EPSS
Exploits0
OSV
OSV
added 2017/10/16 1:29 a.m.2 views

CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...

7.8CVSS5.9AI score0.00379EPSS
Exploits0References1
Xen Project
Xen Project
added 2017/10/12 12:0 p.m.522 views

multiple MSI mapping issues on x86

ISSUE DESCRIPTION Multiple issues exist with the setup of PCI MSI interrupts: - unprivileged guests were permitted access to devices not owned by them, in particular allowing them to disable MSI or MSI-X on any device - HVM guests can trigger a codepath intended only for PV guests - some failure...

8.8CVSS0.7AI score0.0041EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/11 11:37 a.m.55 views

USN-3448-1: OpenStack Keystone vulnerability

Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...

7.2CVSS6.8AI score0.02106EPSS
Exploits1
OSV
OSV
added 2017/10/11 11:37 a.m.4 views

USN-3448-1 keystone vulnerability

Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...

7.2CVSS6.9AI score0.02106EPSS
Exploits1References2
OSV
OSV
added 2017/10/05 1:29 a.m.7 views

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

7.8CVSS7.4AI score0.10695EPSS
Exploits5References14
Imperva Blog
Imperva Blog
added 2017/10/03 3:30 p.m.40 views

Professional Services for GDPR Compliance

The GDPR effective date is less than seven months away and the stakes are high. GDPR non-compliance penalties have the potential to be quite significant up to 79 times higher than existing guidelines, and GDPR applies to any organization of any size that collects or processes personal data...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/09/19 11:44 a.m.64 views

Apple's FaceID

This is a good interview with Apple's SVP of Software Engineering about FaceID. Honestly, I don't know what to think. I am confident that Apple is not collecting a photo database, but not optimistic that it can't be hacked with fake faces. I dislike the fact that the police can point the phone at...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/09/13 12:0 a.m.26 views

openSUSE Security Update : postgresql94 (openSUSE-2017-1020)

This update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684 -...

9.8CVSS7.1AI score0.61566EPSS
Exploits0References6
NVD
NVD
added 2017/09/12 3:29 p.m.24 views

CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS8.6AI score0.0041EPSS
Exploits0References6
Prion
Prion
added 2017/09/12 3:29 p.m.23 views

Code injection

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

7.2CVSS8.4AI score0.0041EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2017/09/12 3:29 p.m.30 views

CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS7AI score0.0041EPSS
Exploits0References2
OSV
OSV
added 2017/09/12 3:29 p.m.3 views

ALPINE-CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS6.7AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2017/09/12 3:29 p.m.1 views

DEBIAN-CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS8.6AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2017/09/12 3:29 p.m.30 views

CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS6.5AI score
Exploits0References6
Cvelist
Cvelist
added 2017/09/12 3:0 p.m.19 views

CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

6.8AI score0.0041EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2017/09/12 3:0 p.m.28 views

CVE-2017-14319

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...

8.8CVSS3.1AI score0.0041EPSS
Exploits0
Xen Project
Xen Project
added 2017/09/12 12:0 p.m.525 views

insufficient grant unmapping checks for x86 PV guests

ISSUE DESCRIPTION When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were...

8.8CVSS0.6AI score0.0041EPSS
Exploits0Affected Software1
Rows per page
Query Builder