Lucene search
K

5119 matches found

RedHat Linux
RedHat Linux
added 2015/04/07 3:8 p.m.3 views

kernel: integer overflow in fb_mmap

An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...

7.8CVSS6.2AI score0.03373EPSS
Exploits1References5
myhack58
myhack58
added 2015/04/02 12:0 a.m.22 views

SpringMVC in the XXE vulnerability testing-vulnerability warning-the black bar safety net

SpringMVC framework support for XML to Object mapping, the interior is the use of two global interface Marshaller and Unmarshaller, one implementation is to use the Jaxb2Marshaller class implementation, the class nature implements two global interfaces for XML and Object bi-directional parsing. A...

0.2AI score
Exploits0
CNVD
CNVD
added 2015/04/02 12:0 a.m.4 views

Xen XEN_DOMCTL_memory_mapping hypercall local denial of service vulnerability

Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A security vulnerability in Xen XENDOMCTLmemorymapping hypercall allows local X86 HVM domain users to conduct denial-of-service attacks via special device model requests when usin...

4.9CVSS6.1AI score0.00453EPSS
Exploits0References1
NVD
NVD
added 2015/04/01 2:59 p.m.17 views

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS7.9AI score0.00453EPSS
Exploits0References9
OSV
OSV
added 2015/04/01 2:59 p.m.6 views

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

8.6AI score
Exploits0References10
OSV
OSV
added 2015/04/01 2:59 p.m.1 views

DEBIAN-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS8.1AI score0.00453EPSS
Exploits0References1
OSV
OSV
added 2015/04/01 2:59 p.m.1 views

UBUNTU-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS7.2AI score0.00453EPSS
Exploits0References3
Prion
Prion
added 2015/04/01 2:59 p.m.26 views

Cross site request forgery (csrf)

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS6.4AI score0.00453EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.32 views

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

5.4AI score0.00453EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2015/04/01 2:0 p.m.28 views

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS5.8AI score0.00453EPSS
Exploits0
Xen Project
Xen Project
added 2015/03/31 12:0 p.m.78 views

Long latency MMIO mapping operations are not preemptible

ISSUE DESCRIPTION The XENDOMCTLmemorymapping hypercall allows long running operations without implementing preemption. This hypercall is used by the device model as part of the emulation associated with configuration of PCI devices passed through to HVM guests and is therefore indirectly exposed ...

4.9CVSS6.4AI score0.00453EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2015/03/31 12:0 a.m.30 views

xen-kernel and xen-tools -- Long latency MMIO mapping operations are not preemptible

The Xen Project reports: The XENDOMCTLmemorymapping hypercall allows long running operations without implementing preemption. This hypercall is used by the device model as part of the emulation associated with configuration of PCI devices passed through to HVM guests and is therefore indirectly...

4.9CVSS6.6AI score0.00453EPSS
Exploits0References1
Fedora
Fedora
added 2015/03/19 6:42 p.m.28 views

[SECURITY] Fedora 20 Update: mapserver-6.2.2-1.fc20

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

6.8CVSS2.9AI score0.0222EPSS
Exploits1
Fedora
Fedora
added 2015/03/19 6:39 p.m.48 views

[SECURITY] Fedora 21 Update: mapserver-6.2.2-1.fc21

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

6.8CVSS2.9AI score0.0222EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2015/03/17 2:39 p.m.3 views

kernel: integer overflow in fb_mmap

An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...

7.8CVSS6.2AI score0.03373EPSS
Exploits1References5
OSV
OSV
added 2015/03/16 10:59 a.m.2 views

DEBIAN-CVE-2015-1593

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related ...

5CVSS7.5AI score0.03742EPSS
Exploits1References1
Veeam
Veeam
added 2015/03/13 12:0 a.m.12 views

How to Clone a Job and Map Existing Backups to Clone

Feature License Requirement Consider the following: Starting in Veeam Backup & Replication 12.1 build 12.1.0.2131 , the job cloning functionality is available for all types of licenses. Prior to Veeam Backup & Replication 12.1 build 12.1.0.2131 , the job cloning functionality required an Enterpri...

7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.251 views

CentOS 6 : kernel (CESA-2015:0674)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.8CVSS6.1AI score0.05489EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2015/03/11 3:27 p.m.76 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.8CVSS6.5AI score0.05489EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2015/03/11 3:27 p.m.3 views

kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path

It was found that the fix for CVE-2014-3601 was incomplete: the Linux kernel's kvmiommumappages function still handled IOMMU mapping failures incorrectly. A privileged user in a guest with an assigned host device could use this flaw to crash the host...

7.8CVSS6.6AI score0.01168EPSS
Exploits2References4
Rows per page
Query Builder