EUVD-2018-4308

Malware in sbrugna...

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

PT-2022-6045 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.2 Description: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...

Unspecified Vulnerability in ECOS Secure Boot Stick (CNVD-2019-38284)

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker could exploit the vulnerability to take contro...

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

Session fixation

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

CVE-2018-12334

The CVE-2018-12334 entry concerns ECOS Secure Boot Stick (SBS) 5.6.5. The vulnerability is a Protection Mechanism Failure that enables a virtualization attack to compromise authentication and encryption keys. This exposure affects the SBS device’s cryptographic protections, with the primary impac...

DEBIAN-CVE-2017-12190

The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bioaddpcpage function merges them into one, but the page reference is never dropped. This...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...