6330 matches found
[SECURITY] Fedora 23 Update: qemu-2.4.0-2.fc23
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...
Debian DSA-3348-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3214 Matt Tait of Google's Project Zero security team discovered a flaw in the QEMU i8254 PIT emulation. A privileged guest user in a guest with QEMU PIT emulation enabled could potentially use this flaw to...
Debian Security Advisory DSA 3348-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2015-3214 Matt Tait of Google OpenVAS Vulnerability Test $Id: deb3348.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3348-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks...
[SECURITY] Fedora 21 Update: qemu-2.1.3-9.fc21
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...
CVE-2015-6272
Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064...
CVE-2015-6271
Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008...
CVE-2015-6269
Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted 1 IPv4 or 2 IPv6 packet, aka Bug ID CSCsw69990...
Code injection
Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064...
Design/Logic Flaw
Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008...
CVE-2015-6272
Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064...
CVE-2015-6752
Cross-site scripting XSS vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified...
Cross site scripting
Cross-site scripting XSS vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified...
Code injection
Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly VFR by certain firewall and NAT components, which allows remote attackers to cause a denial of service Embedded Services Processor crash via crafted IP packets, aka Bug IDs CSCtf87624,...
Cisco ASR 1000 Series Router IP Message Handling Denial of Service Vulnerability
The Cisco ASR1000 Series Aggregation Services Routers provide a WAN edge solution that integrates information, communication, collaboration, and commerce. The Cisco ASR 1000 Series Router has a security vulnerability in the processing of IP v4 and IPv6 messages that allows a remote attacker to...
Cisco ASR 1000 Series Router UDP Message Processing Denial of Service Vulnerability
The Cisco ASR1000 Series Aggregation Services Routers provide a WAN edge solution that integrates information, communication, collaboration, and commerce. A security vulnerability in the Cisco ASR 1000 Series Router's processing of UDP messages allows remote attackers to exploit the vulnerability...
[SECURITY] Fedora 22 Update: qemu-2.3.1-1.fc22
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...
Linux Kernel (x86) - Memory Sinkhole Privilege Escalation
; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is determined by which register will be read out of the APIC ; fo...
Linux/x86 Memory Sinkhole Proof Of Concept
; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is determined by which register will be read out of the APIC ; fo...
Linux Kernel (x86) - Memory Sinkhole Privilege Escalation
Linux Kernel x86 - Memory Sinkhole Privilege Escalation ; memory sinkhole proof of concept ; hijack ring -2 execution through the apic overlay attack. ; deployed in ring 0 ; the SMBASE register of the core under attack TARGETSMBASE equ 0x1f5ef800 ; the location of the attack GDT. ; this is...
libreoffice: HWP file filter vulnerability
A flaw was found in the way the LibreOffice HWP Hangul Word Processor file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that...