Lucene search
K

204 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-19579

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...

6.9CVSS6.2AI score0.00451EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.4 views

SUSE CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.9CVSS6.7AI score0.00417EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.4 views

PT-2024-11781 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null pointer dereference in the cxl/region component of the Linux kernel. This occurs when the cxl region decode reset function is called, and the -reset...

5.5CVSS6.4AI score0.00205EPSS
Exploits0References18
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.6 views

IBM MQ Internet Pass-Thru 日志日志信息泄露漏洞

IBM MQ Internet Pass-Thru is an International Business Machines IBM product for supporting the implementation of messaging between remote sites on the Internet. The product is an extended functionality component of IBM MQ that serves as a protocol channel or proxy for establishing protocols durin...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References5
CNVD
CNVD
added 2022/08/30 12:0 a.m.20 views

Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78498)

Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the formSetQosBand function. An attacker could exploit this vulnerability to overflow the buffer and...

9.8CVSS6.5AI score0.01013EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.3 views

kernel: iommu/amd: Fix I/O page table memory leak

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix I/O page table memory leak The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memory leak, and can be...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/01 5:46 p.m.29 views

DotNetNuke Vulnerable to XSS in Pass-Through Values

Cross-site scripting XSS vulnerability in the IFrame module before 03.02.01 for DotNetNuke DNN, caused by improper validation of user-supplied input by an unspecified script. Pass through values were not getting filtered, leaving them vulnerable to XSS. A remote attacker could exploit this...

6.8CVSS6.5AI score0.01182EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/01 5:46 p.m.24 views

GHSA-XR96-7CCP-PG5C DotNetNuke Vulnerable to XSS in Pass-Through Values

Cross-site scripting XSS vulnerability in the IFrame module before 03.02.01 for DotNetNuke DNN, caused by improper validation of user-supplied input by an unspecified script. Pass through values were not getting filtered, leaving them vulnerable to XSS. A remote attacker could exploit this...

6.8CVSS5.9AI score0.01182EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/02/14 12:0 a.m.12 views

PT-2022-7617 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fix Description: The issue is related to a memory leak in the IOMMU page table, which can be observed when launching VM with pass-through devices. This is due to the current logic updating the I/O page table...

9.8CVSS6.5AI score0.06846EPSS
Exploits27References1807
Microsoft KB
Microsoft KB
added 2022/02/08 8:0 a.m.63 views

February 8, 2022—KB5010422 (Security-only update)

February 8, 2022—KB5010422 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached the...

7.8CVSS7.8AI score0.41683EPSS
Exploits4
Microsoft CVE
Microsoft CVE
added 2021/12/17 8:0 a.m.4 views

HTML Cleaner allows crafted and SVG embedded scripts to pass through

...

8.2CVSS8.4AI score0.02456EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2021/06/16 12:0 a.m.103 views

Security update for ucode-intel (important)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2021:0876-1 Rating: important References: 1179833 1179836 1179837 1179839 Cross-References: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVSS scores: CVE-2020-24489 SUSE: 8.8...

8.8CVSS6.7AI score0.00472EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2021/06/08 8:45 p.m.117 views

Lewd Phishing Lures Aimed at Business Explode

Attackers have amped up their use of X-rated phishing lures in business email compromise BEC attacks. A new report found a stunning 974-percent spike in social-engineering scams involving suggestive materials, usually aimed at male-sounding names within a company. The Threat Intelligence team wit...

6.8AI score
Exploits0References3
Veracode
Veracode
added 2021/04/29 12:58 p.m.29 views

Denial Of Service (DoS)

xen is vulnerable to denial of service. A domain with a passed through PCI device can cause lockup of a physical CPU, resulting in a Denial of Service DoS to the entire host...

6.2CVSS2.6AI score0.0036EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/29 12:0 a.m.26 views

Xen IRQ Vector Leak DoS (XSA-360)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service DoS vulnerability. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X...

5.5CVSS5.7AI score0.00417EPSS
Exploits0References2
Veracode
Veracode
added 2021/02/28 5:29 p.m.18 views

Denial Of Service (DoS)

Xen is vulnerable to Denial of Service DoS. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors used by the MSI-X entries that the...

5.5CVSS2.7AI score0.00417EPSS
Exploits0References8Affected Software1
Citrix
Citrix
added 2021/02/18 12:0 a.m.10 views

Troubleshooting Citrix Pass-Through Authentication

This article outlines workarounds and resolutions to specific Citrix pass-through authentication issues. Common Pass-Through Authentication Issues and Inquiries Refer to the following links for information on common pass-through authentication issues and inquiries: Citrix Docs - Enabling...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.27 views

Fedora 32 : xen (2021-16c9c40d4d)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-16c9c40d4d advisory. - An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the...

5.5CVSS5.7AI score0.00417EPSS
Exploits0References2
NVD
NVD
added 2021/01/26 8:15 p.m.23 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS5.7AI score0.00417EPSS
Exploits0References4
OSV
OSV
added 2021/01/26 8:15 p.m.24 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

5.5CVSS6.5AI score
Exploits0References4
Rows per page
Query Builder