kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

Apple Patent Links Power Cord To Password Recovery

The filing, 20120005747A1, describes a method for storing a password recover secret on a peripheral device, including a power adapter. The development would, in essence, turn power cords and other peripherals into a second factor that would make it harder for thieves to gain access to devices the...

virt: VT-d (PCI passthrough) MSI trap injection

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."...

kernel: xen: IOMMU fault livelock

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCIE device to cause a denial of service CPU consumption and host hang via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock...

VT-d (PCI passthrough) MSI trap injection

ISSUE DESCRIPTION Intel VT-d chipsets without interrupt remapping do not prevent a guest which owns a PCI device from using DMA to generate MSI interrupts by writing to the interrupt injection registers. This can be exploited to inject traps and gain control of the host. VULNERABLE SYSTEMS You ar...

HP MFP Digital Sending Software 4.91.0 Local Authentication Bypass

The remote Windows host contains HP MFP Digital Sending Software version 4.91.0. This version is potentially affected by an authentication bypass vulnerability related to device configuration templates. A local attacker, exploiting this flaw, reportedly can gain unauthorized access to functionali...

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

Authentication flaw

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

HP MFP Digital Sending Software Detection

The remote Windows host contains HP MFP Digital Sending Software, an application that enables an HP Multifunction Peripheral MFP to send scanned documents directly to several types of destinations. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46675;...

CVE-2010-1558

Unspecified vulnerability in HP Multifunction Peripheral MFP Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors...

CVE-2010-1558

CVE-2010-1558 affects HP MFP Digital Sending Software for Windows prior to v4.18.3; a local attacker could bypass restrictions on the MFP’s Send to email feature and obtain sensitive information due to an unspecified authentication bypass. The vulnerability is rated CVSS v2 base score 4.7 (AV:L/A...

CVE-2010-1558

Unspecified vulnerability in HP Multifunction Peripheral MFP Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors...

Debian Security Advisory DSA 1580-1 (phpgedview)

The remote host is missing an update to phpgedview announced via advisory DSA 1580-1. OpenVAS Vulnerability Test $Id: deb15801.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1580-1 phpgedview Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1580-1 : phpgedview - programming error

It was discovered that phpGedView, an application to provide online access to genealogical data, allowed remote attackers to gain administrator privileges due to a programming error. Note: this problem was a fundamental design flaw in the interface API to connect phpGedView with external programs...