Lucene search
K

864 matches found

CNVD
CNVD
added 2015/06/04 12:0 a.m.4 views

Xen Denial of Service Vulnerability (CNVD-2015-03572)

Xen is an open source virtual machine monitor. Xen versions 3.3.x-4.5.x, fail to properly restrict access to the PCI MSI mask bit, which can be exploited by native x86 HVM clients to cause a denial of service unexpected outage and host crash...

7.8CVSS6.5AI score0.03427EPSS
Exploits0References1
OSV
OSV
added 2015/06/03 12:0 a.m.3 views

UBUNTU-CVE-2015-4104

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service unexpected interrupt and host crash via unspecified vectors...

7.8CVSS7.3AI score0.03427EPSS
Exploits0References4
OSV
OSV
added 2015/04/01 2:59 p.m.1 views

DEBIAN-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS8.1AI score0.00453EPSS
Exploits0References1
n0where
n0where
added 2015/02/05 11:56 p.m.23 views

OWASP SSL audit: O-Saft

O-Saft is an easy to use tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. It’s designed to be used by penetration testers, security auditors or server administrators. The idea is to show the important...

0.3AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/04/18 12:0 a.m.41 views

JVN#13313061: TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery

e-Studio provided by TOSHIBA TEC CORPORATION is a multi-function peripheral MFP. Multiple e-Studio series products contain a vulnerability in web-based management utility, which may result in a cross-site request forgery. Impact If the administrator views a malicious page while logged into the...

6.8CVSS6.5AI score0.01148EPSS
Exploits0
OSV
OSV
added 2013/02/12 12:0 a.m.6 views

UBUNTU-CVE-2013-0231

The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are...

4.9CVSS6.8AI score0.0044EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2012/06/26 6:32 p.m.5 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/04/05 12:0 a.m.32 views

JVN#92830293: TOSHIBA TEC e-Studio series vulnerable to authentication bypass

e-Studio is a multi-function peripheral MFP. Multiple e-Studio series products contain a vulnerability in web-based management utility, which may result in an authentication bypass. Impact An attacker that can access the product may log in with administrative privileges. As a result, settings may...

10CVSS6.5AI score0.04725EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2012/03/06 6:34 p.m.4 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/02/21 2:20 a.m.6 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2012/01/06 6:25 p.m.10 views

Apple Patent Links Power Cord To Password Recovery

The filing, 20120005747A1, describes a method for storing a password recover secret on a peripheral device, including a power adapter. The development would, in essence, turn power cords and other peripherals into a second factor that would make it harder for thieves to gain access to devices the...

1.4AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2011/11/29 2:22 p.m.7 views

virt: VT-d (PCI passthrough) MSI trap injection

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."...

7.4CVSS7.4AI score0.00852EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/10/20 5:20 p.m.8 views

kernel: xen: IOMMU fault livelock

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCIE device to cause a denial of service CPU consumption and host hang via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock...

4.6CVSS5.8AI score0.0044EPSS
Exploits1References4
Xen Project
Xen Project
added 2011/05/12 11:48 a.m.12 views

VT-d (PCI passthrough) MSI trap injection

ISSUE DESCRIPTION Intel VT-d chipsets without interrupt remapping do not prevent a guest which owns a PCI device from using DMA to generate MSI interrupts by writing to the interrupt injection registers. This can be exploited to inject traps and gain control of the host. VULNERABLE SYSTEMS You ar...

7.4CVSS7.2AI score0.00852EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2011/03/10 12:0 a.m.42 views

HP MFP Digital Sending Software 4.91.0 Local Authentication Bypass

The remote Windows host contains HP MFP Digital Sending Software version 4.91.0. This version is potentially affected by an authentication bypass vulnerability related to device configuration templates. A local attacker, exploiting this flaw, reportedly can gain unauthorized access to functionali...

2.1CVSS5.6AI score0.00582EPSS
Exploits0References3
NVD
NVD
added 2011/03/07 9:0 p.m.16 views

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

2.1CVSS6.8AI score0.00582EPSS
Exploits0References6
Prion
Prion
added 2011/03/07 9:0 p.m.19 views

Authentication flaw

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

2.1CVSS7.3AI score0.00582EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2011/03/07 8:0 p.m.28 views

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

6.8AI score0.00582EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2010/05/19 12:0 a.m.20 views

HP MFP Digital Sending Software Detection

The remote Windows host contains HP MFP Digital Sending Software, an application that enables an HP Multifunction Peripheral MFP to send scanned documents directly to several types of destinations. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46675;...

5.5AI score
Exploits0References1
NVD
NVD
added 2010/05/14 7:30 p.m.17 views

CVE-2010-1558

Unspecified vulnerability in HP Multifunction Peripheral MFP Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors...

4.7CVSS6AI score0.00469EPSS
Exploits0References4
Rows per page
Query Builder