91 matches found
CVE-2021-21538
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console...
DELL Dell EMC iDRAC9 授权问题漏洞
Dell EMC iDRAC9 is an integrated Dell Remote Access Controller that helps IT administrators deploy, update, monitor and maintain servers without installing any additional software.Dell EMC iDRAC9 has an improper authentication vulnerability. An attacker could use this vulnerability to gain...
CVE-2021-21538
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console. Recent assessments: Assessed Attacker Value: 0 Assessed...
kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures...
kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures...
kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures...
kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures...
Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000 IOS Software Trust Management Issue Vulnerabilities
Cisco 1000 Series Connected Grid Routers CGR1000 is a 1000 Series Internet Grid Router from Cisco. A trust management issue exists in the virtual console authentication of the IOS Software in Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000. The vulnerability stems from the...
CVE-2020-3234
The CVE-2020-3234 issue affects Cisco IOS Software for Cisco 809/829 Industrial ISRs and CGR1000 devices, where the Virtual Device Server (VDS) authentication uses hard-coded/default credentials. A local, authenticated, low-privilege attacker can log in to VDS via the device’s virtual console and...
CVE-2019-19252
A flaw was found in the Linux kernel’s virtual console implementation of Unicode usage. This flaw allows a local attacker with permissions on the /dev/vcsu devices to crash the system or corrupt memory. Mitigation At this time there is no workaround that is suitable for a production system that...
CVE-2020-8647
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures. Mitigation The attack vector can be significantly reduced by preventing users from...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4258-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4258-1 advisory. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically...
USN-4258-1: Linux kernel vulnerabilities
It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2019-15099 It was discovered that a race condition existed in the...
The vulnerability of the vcs_write function in the Linux kernel’s drivers/tty/vt/vc_screen.c file, which allows a hacker to increase their privileges.
The vulnerability of the vcswrite function in the Linux kernel’s drivers/tty/vt/vcscreen.c file is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...
Linux kernel vcsu device write access vulnerability
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A write access vulnerability exists in the Linux kernel vcsu device. The vulnerability stems from the fact that...
How to Restore NetScaler SDX to Factory Default Settings
This article describes how to restore NetScaler SDX to factory default settings. Important Points to Note 1. The procedure mentioned in this article is for troubleshooting or a last resort step only. The recommend procedure to restoreNetScaler SDX to factory default settings is using SVM GUI . 2...
Kernel: tty: driver reference leakage in tty_open
A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files /dev/pts/. A local, unprivileged attacker could use this flaw to crash the system...
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit
No description provided by source. / CVE-2009-1046 Virtual Console UTF-8 setselection off-by-onetwo Memory Corruption Linux Kernel = 2.6.28.3 coded by: sgrakkyu at antifork.org http://kernelbof.blogspot.com/2009/07/even-when-one-byte-matters.html Dedicated to all people talking nonsense about non...
qemu: VT100 emulation vulnerability
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."...
Debian DSA-2542-1 : qemu-kvm - multiple vulnerabilities
Multiple vulnerabilities have been discovered in KVM, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-2652 : The snapshot mode of QEMU -snapshot incorrectly handles temporary files used to store the...