303 matches found
CVE-2022-2977
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured this is not the default a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the syste...
Malicious code in dynamic-virtualized-list (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00ad5dca37ce4e1a6a3af411200d84a6cb4666b6b8a7541346fe19de8b16c4fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2637 Malicious code in dynamic-virtualized-list (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00ad5dca37ce4e1a6a3af411200d84a6cb4666b6b8a7541346fe19de8b16c4fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Intel® Processors MMIO Undefined Access Advisory
Summary: A potential security vulnerability in Memory Mapped I/O MMIO for some 14nm Client/Xeon E3 Intel® Processors may allow a denial of service in certain virtualized environments. Vulnerability Details: CVEID: CVE-2022-21180 Description: Improper input validation for some Intel® Processors ma...
microcode_ctl security update
2:2.1-73.13.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 2:2.1-73.13.0.2 - roll back 06-6a-06 to 0xd0002a0 due to PCIe issues on reset Orabug: 34076312 2:2.1-73.13.0.1 - for Intel, do not trigger load if on-disk...
Amazon Linux AMI : kernel (ALAS-2022-1591)
The version of kernel installed on the remote host is prior to 4.14.281-144.502. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1591 advisory. A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw...
The vulnerability in the protection of configuration files of the Cisco Virtualized Infrastructure Manager (VIM) allows a perpetrator to access confidential information and enhance their privileges.
The vulnerability of the configuration file protection mechanism in the Cisco Virtualized Infrastructure Manager VIM is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain access to confidential information and enhance their privileges...
Cisco Virtualized Infrastructure Manager访问控制错误漏洞
Cisco Virtualized Infrastructure Manager is a fully automated cloud lifecycle management system from Cisco, U.S. An access control error vulnerability exists in Cisco Virtualized Infrastructure Manager, which stems from certain configuration files' The vulnerability is caused by an access privile...
CVE-2022-20732
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
CVE-2022-20732 Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
CVE-2022-20732
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
Cisco Virtualized Infrastructure Manager 访问控制错误漏洞
Cisco Virtualized Infrastructure Manager is a fully automated cloud lifecycle management system from Cisco, U.S. An access control error vulnerability exists in Cisco Virtualized Infrastructure Manager, which stems from certain configuration files' The vulnerability is caused by an access privile...
Fedora: Security Advisory for cobbler (FEDORA-2022-445ec90e7c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: cobbler-3.3.2-1.fc36
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
[SECURITY] Fedora 36 Update: cobbler-3.3.1-1.fc36
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...
CVE-2021-33098
A flaw was found in the Linux kernel. This flaw allows an attacker who can modify the MTU of a virtualized PCIe device in a guest, for example to crash the host system’s kernel if they set the MTU of the VF device to an unsupported value. Mitigation Mitigation for this issue is either not availab...
Fedora: Security Advisory for cobbler (FEDORA-2022-0649006be6)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for cobbler (FEDORA-2022-0c6402a6a3)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ALSA-2021:5238 Low: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...