CVE-2024-22250

Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system...

PT-2024-29204 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue allows an untrusted application with access to only a non-secure fastrpc device node to attach to root pd or static PDs if it can make the respective init request. This can...

CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

Denial Of Service (DoS)

xen is vulnerable to denial of service. The hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description. This could allow a malicious user to cause a denial of service, or to use a specially crafted frontend to compromise the privileged domain...

Maxthon 5 Browser Has Unauthorized Access Vulnerability

Maxthon is a versatile and personalized multi-tab browser. An unauthorized access vulnerability exists in Maxthon 5 browser, which can be exploited by an attacker to access the privileged domain of the victim's browser...

Firefox 3 1 to 3 4 remote command execution vulnerability analysis-vulnerability warning-the black bar safety net

0x00 Preface Some time ago, the brother in a lot of the browser in the script-level vulnerabilities upgrade for remote command execution, almost daily all over the market on all domestic browser, which has become many people relish topic. Indeed, in today's this underlyingsecuritygrowing...

Lock order reversal between page_alloc_lock and mm_rwlock

ISSUE DESCRIPTION The locks pagealloclock and mmrwlock are not always taken in the same order. This raises the possibility of deadlock. The incorrect order occurs only in the implementation of the deprecated domctl hypercall XENDOMCTLgetmemlist. IMPACT A malicious guest administrator may be able ...

CentOS 5 : xen (CESA-2013:0241)

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

RedHat Update for xen RHSA-2012:1130-01

Check for the Version of xen OpenVAS Vulnerability Test RedHat Update for xen RHSA-2012:1130-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Note: Troy Dawson has tested this update on a machine hosting both paravirtualized and fully virtualized machines, both 32 bit and 64 bit. He did the update while all the machines were running, none of them had any problems. He also tried stopping, starting, and rebooting several of the machines...