14 matches found
CVE-2026-43486 arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults
In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults. contpte_ptep_set_access_flags() compared the gathered ptep_get() value against the requested entry to detect no-ops. ptep_get() ORs AF/dirty from all sub-PTEs in the CONT...
CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities
Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...
CVE-2024-43692
The CVE-2024-43692 issue affects Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE (and LX4) where an attacker can directly request a resource sub page to obtain full privileges, effectively bypassing authentication. Affected: MAGLINK LX CONSOLE (versions up to 3.4.2.2.6) and MAGLINK LX4 CONSOL...
PT-2024-30619 · Unknown · Progauge Maglink Lx Console
Name of the Vulnerable Software and Affected Versions: ProGauge MAGLINK LX CONSOLE (affected versions not specified). Description: An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. Recommendations: At the moment,...
WordPress and WordPress plugin cross-site scripting vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
Privilege Escalation
kvm is vulnerable to privilege escalation. The vulnerability is due to a flaw in QEMU-KVM that allows the guest some control over the index used to access the callback array during sub-page MMIO initialization. A privileged guest user could use this flaw to crash the guest denial of servi...
Infovista VistaPortal SE Cross-Site Scripting Vulnerability (CNVD-2019-07233)
Infovista VistaPortal SE is a Web-based application from Infovista USA. A cross-site scripting vulnerability exists in the SubPagePackages.jsp page in Infovista VistaPortal SE version 5.1 build 51029, which can be exploited by a remote attacker to inject arbitrary web script or HTML with the help...
qemu-kvm security update
1.5.3-141.el74.6 - Fix CVE-2017-5715 1.5.3-141.el74.5 - kvm-vfio-pci-Only-mmap-TARGETPAGESIZE-regions.patch bz1515110 - Resolves: bz1515110 Regression in QEMU handling for sub-page MMIO BARs for vfio-pci devices rhel-7.4.z...
kmod, kvm security update
CentOS Errata and Security Advisory CESA-2010:0627 Updated kvm packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
Updated rhev-hypervisor packages that fix multiple security issues and two bugs are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are availabl...
Using Cain to recover an encrypted FTP password - vulnerability warning - the black bar safety net
Author: Lu Yu, source: it168, responsible editor: Han Bo Ying, 2008-04-24 09:16. I stumbled upon a useful Cain technique during a penetration test. Let's take a look at the FlashFXP encrypted ciphertext: FlashFXP connection records are stored in the file Stats.dat. Perhaps you will...
Authentication flaw
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using 1...
CVE-2007-3012
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using 1...
CVE-2007-3012
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using 1...