CVE-2020-11246
CVE-2020-11246 describes a double-free condition that can occur when a Snapdragon device enters suspend mode during secure playback across Snapdragon Auto, Compute, Connectivity, and various Snapdragon product lines (Mobile, IoT variants). The root cause is a double-free in the secure playback pa...
CVE-2020-11246
A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent
A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulti...
Updated libvirt packages fix security vulnerability
Updated libvirt packages fix security vulnerability: A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this...
RHEL 8 : kernel (RHSA-2020:2102)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2102 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: NetLabel: null pointer...
CVE-2020-8834
A flaw was found in the way the KVM hypervisor on the Power8 processor stores the r1 register state in the 'HSTATE_HOST_R1' field on the Linux kernel stack. This flaw occurs while handling hypercalls in Transactional Memory (TM) suspend mode in the kvmppc_save_tm and kvmppc_restore_tm routines, leading t...
CVE-2012-6111
gnome-keyring does not discard stored secrets when using the gnome_keyring_lock_all_sync function...
CVE-2019-2220
In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-2220
CVE-2019-2220 affects the Android Framework (AppOpsService) and involves a bypass of user interaction requirements caused by mishandling of application suspend. The vulnerability could allow local information disclosure without requiring additional privileges. Affected products are Android 9 and ...
CVE-2017-18431
cPanel before 66.0.1 does not reliably perform suspend/unsuspend operations on accounts (CPANEL-13941)...
CVE-2017-18431
CVE-2017-18431 affects cPanel prior to 66.0.1 and relates to unreliable suspend/unsuspend operations on accounts (CPANEL-13941). Multiple sources (NVD entry and Red Hat advisory) document the issue with a CVSS v3 base score of 7.5 (HIGH) and an integrity impact described as HIGH, while attack vec...
openSUSE Security Update : xen (openSUSE-2019-418) (Meltdown) (Spectre)
This update for xen to version 4.10.1 fixes several issues (bsc1027519). These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc1092631). -...
Fedora 29 : systemd (2018-c402eea18b)
Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, 1639076) - Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, 1639071) - Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, 1639067) - The DHCP...
RHEL 7 : qemu-kvm-rhev (RHSA-2016:0084)
Updated qemu-kvm-rhev packages that fix two security issues and three bugs are now available for Red Hat Enterprise Virtualization. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severit...
portal.tennova.com XSS vulnerability
Open Bug Bounty ID: OBB-549272

Description | Value
---|---
Affected Website: | portal.tennova.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
Product update: Virtuozzo 7.0 Update 4 Hotfix 1 (7.0.4-1091)
The new update for Virtuozzo 7.0.4 provides stability and usability bug fixes. Vulnerability id: PSBM-66625, PSBM-66445 guest.fs counters were reported in kilobytes for containers and in bytes for virtual machines. Vulnerability id: PSBM-66556 Backup location changed to default after update to...
SUSE SLES11 Security Update : open-vm-tools (SUSE-SU-2017:0705-1)
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework (CAF) - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand ...