17 matches found
CVE-2020-35710
Parallels Remote Application Server RAS 18 allows remote attackers to discover an intranet IP address because submission of the login form even with blank credentials provides this address to the attacker's client for use as a "host" value. In other words, after an attacker's web browser sent a...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-045)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - hw: Special Register Buffer Data Sampling SRBDS. Note that Tenable Network Security has extracted the...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-037)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-011)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Kernel: KVM: OOB memory access via mmio ring buffer. This issue is not critical for Virtuozzo 6.0, as it do...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - hw: Machine Check Error on Page Size Change IFU - hw: Intel GPU blitter manipulation can allow for...
Virtuozzo 6 : parallels-server-bm-release / etc (VZA-2018-017)
According to the versions of the parallels-server-bm-release / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel through 4.14.13, the rdsmessageallocsgs function does not validate a value that is used during...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-002)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-114)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - dccpdisconnect set the socket state to DCCPCLOSED but did not properly free some of the resources...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-107)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user t...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-090)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-085)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Kernel crash due to missing error handling for negatively instantiated keys. - A stack buffer overflow...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-061)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - An updated fix for CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations. The fix...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-037)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for t...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-031)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was found that keyctlsetreqkeykeyring function leaked thread keyring which could allow an unprivileged...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-009)
According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Possible crash in memcpyfromiovecend triggered from inside container. - Improved isolation for neighbor...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-019)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A flaw was discovered in the Linux kernel's key subsystem. Invoking the requestkey system call with a...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-001)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Fixed handling of stored error in a negatively instantiated user key. Key management subsystems could be...