Lucene search
K

304 matches found

CNVD
CNVD
added 2021/01/11 12:0 a.m.3 views

IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2021-03028)

IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. An information disclosure vulnerability exists in IBM Spectrum Protect Plus 10.1.0-10.1.6. An attacker could...

5.5CVSS6.3AI score0.00283EPSS
Exploits0References1
Carbon Black Blog
Carbon Black Blog
added 2020/11/18 4:0 p.m.33 views

Defining Cloud Workload Protection

Organizations are now turning to an increasingly hybrid cloud infrastructure model to support remote workforces, a trend that has accelerated significantly amid the recent global health crisis. This presents a new challenge as cloud environments both private and public require a purpose-built...

0.2AI score
Exploits0
Oracle linux
Oracle linux
added 2020/06/18 12:0 a.m.67 views

microcode_ctl security, bug fix and enhancement update

3:1.17-33.26.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - set earlymicrocode='no' in virtualized guests to avoid early load...

5.5CVSS0.9AI score0.00587EPSS
Exploits0
Oracle linux
Oracle linux
added 2020/06/18 12:0 a.m.63 views

microcode_ctl security, bug fix and enhancement update

2:2.1-61.6.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - do not late...

5.5CVSS0.9AI score0.00587EPSS
Exploits0
Veracode
Veracode
added 2020/04/10 12:55 a.m.38 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in fixuppagefault in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hyperviso...

6.1CVSS2.8AI score0.00761EPSS
Exploits0References13Affected Software1
Veracode
Veracode
added 2020/04/10 12:51 a.m.31 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the Xen hypervisor implementation when running a system that has an Intel CPU without Extended Page Tables EPT support. While attempting to dump information about a crashing fully-virtualized guest, the flaw could cause the hypervisor...

4.9CVSS1.3AI score0.00346EPSS
Exploits1References11Affected Software1
Veracode
Veracode
added 2020/04/10 12:27 a.m.37 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service...

4.7CVSS3.3AI score0.00354EPSS
Exploits0References12Affected Software1
Veracode
Veracode
added 2020/04/10 12:27 a.m.17 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a possible hypervisor panic was found in the Linux kernel. A privileged user of a fully virtualized guest could initiate a stress-test File Transfer Protocol FTP transfer between the guest and the hypervisor, possibly...

4.3CVSS2.4AI score0.01322EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2020/04/10 12:27 a.m.24 views

Denial Of Service (DoS)

xen is vulnerable to denial of service DoS. The vulnerability exists as it was discovered that the hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description properly. This could allow a privileged user in the unprivileged domain DomU to cause...

2.1CVSS3.4AI score0.00379EPSS
Exploits0References11Affected Software1
Veracode
Veracode
added 2020/04/10 12:27 a.m.53 views

Information Disclosure

xen is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the QEMU block format auto-detection, when running fully-virtualized guests and using Qemu images written on removable media USB storage, 3.5" disks. Privileged users of such fully-virtualized guests DomU...

2.1CVSS1.8AI score0.0047EPSS
Exploits1References16Affected Software1
Veracode
Veracode
added 2020/04/10 12:26 a.m.31 views

Information Disclosure

xen is vulnerable to information disclosure. A security vulnerability was discovered in the QEMU block format auto-detection, when running fully-virtualized guests. Such fully-virtualized guests, with a raw formatted disk image, were able to write a header to that disk image describing another...

4.9CVSS1.8AI score0.00508EPSS
Exploits1References16Affected Software1
Veracode
Veracode
added 2020/04/10 12:26 a.m.26 views

Denial Of Service (DoS)

xen is vulnerable to denial of service. The hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description. This could allow a malicious user to cause a denial of service, or to use a specially crafted frontend to compromise the privileged domain...

2.1CVSS3.3AI score0.00487EPSS
Exploits1References11Affected Software1
Veracode
Veracode
added 2020/04/10 12:20 a.m.34 views

Privilege Escalation

e2fsprogs is vulnerable to privilege escalation. The vulnerability exists when a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized...

5.8CVSS3AI score0.03978EPSS
Exploits0References40Affected Software1
RedhatCVE
RedhatCVE
added 2020/03/07 2:1 p.m.56 views

CVE-2019-14283

A vulnerability was found in the Linux kernel’s floppy disk driver implementation. A local attacker with access to the floppy device could call setgeometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw ma...

6.8CVSS1.6AI score0.00734EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.32 views

Fedora Update for cobbler FEDORA-2019-502f1a2c67

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.6786EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2019/12/04 12:0 a.m.77 views

microcode_ctl security update

3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...

6.5CVSS2.4AI score0.03133EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/12/04 12:0 a.m.105 views

microcode_ctl security update

2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...

6.5CVSS1.4AI score0.03133EPSS
Exploits0
NVD
NVD
added 2019/10/08 1:15 a.m.13 views

CVE-2019-17347

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...

7.8CVSS8.1AI score0.00352EPSS
Exploits0References5
OSV
OSV
added 2019/10/08 1:15 a.m.20 views

CVE-2019-17347

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...

7.8CVSS5.9AI score
Exploits0References5
Fedora
Fedora
added 2019/09/11 9:18 p.m.64 views

[SECURITY] Fedora 29 Update: cobbler-2.8.5-0.1.fc29

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing...

9.8CVSS9.1AI score0.6786EPSS
Exploits0
Rows per page
Query Builder