Summary
Detail | |||
---|---|---|---|
Vendor | Xen | First view | 2009-05-22 |
Product | Xen | Last view | 2024-01-05 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
3.3 | 2024-01-05 | CVE-2023-46837 | Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the helpers can overflow and would then result to skip the cache cleaning/invalidation. Therefore there is no guarantee when all the writes will reach the memory. This undefined behavior was meant to be addressed by XSA-437, but the approach was not sufficient. |
4.7 | 2024-01-05 | CVE-2023-46836 | The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupts enabled on two entry paths; one unconditionally, and one conditionally on whether XPTI was active. As BTC/SRSO and Meltdown affect different CPU vendors, the mitigations are not active together by default. Therefore, there is a race condition whereby a malicious PV guest can bypass BTC/SRSO protections and launch a BTC/SRSO attack against Xen. |
5.5 | 2024-01-05 | CVE-2023-46835 | The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels based on the maximum (hot pluggable) RAM address, and hence on systems with no RAM above the 512GB mark only 3 page-table levels are configured in the IOMMU. On systems without RAM above the 512GB boundary amd_iommu_quarantine_init() will setup page tables for the scratch page with 4 levels, while the IOMMU will be configured to use 3 levels only, resulting in the last page table directory (PDE) effectively becoming a page table entry (PTE), and hence a device in quarantine mode gaining write access to the page destined to be a PDE. Due to this page table level mismatch, the sink page the device gets read/write access to is no longer cleared between device assignment, possibly leading to data leaks. |
5.5 | 2024-01-05 | CVE-2023-34328 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT. |
5.5 | 2024-01-05 | CVE-2023-34327 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT. |
7.8 | 2024-01-05 | CVE-2023-34326 | The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory ranges not owned by the guest, thus allowing access to unindented memory regions. |
7.8 | 2024-01-05 | CVE-2023-34325 | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the same user as the toolstack (root in a priviledged domain). At least one issue has been reported to the Xen Security Team that allows an attacker to trigger a stack buffer overflow in libfsimage. After further analisys the Xen Security Team is no longer confident in the suitability of libfsimage when run against guest controlled input with super user priviledges. In order to not affect current deployments that rely on pygrub patches are provided in the resolution section of the advisory that allow running pygrub in deprivileged mode. CVE-2023-4949 refers to the original issue in the upstream grub project ("An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.") CVE-2023-34325 refers specifically to the vulnerabilities in Xen's copy of libfsimage, which is decended from a very old version of grub. |
4.9 | 2024-01-05 | CVE-2023-34324 | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn't use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn't block further readers to get the lock). |
5.5 | 2024-01-05 | CVE-2023-34323 | When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming that the quota cannot be negative and are using assert() to confirm it. This will lead to C Xenstored crash when tools are built without -DNDEBUG (this is the default). |
7.8 | 2024-01-05 | CVE-2023-34322 | For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on the shadow of the guest root page table. In the course of dealing with shortage of memory in the shadow pool associated with a domain, shadows of page tables may be torn down. This tearing down may include the shadow root page table that the CPU in question is presently running on. While a precaution exists to supposedly prevent the tearing down of the underlying live page table, the time window covered by that precaution isn't large enough. |
3.3 | 2024-01-05 | CVE-2023-34321 | Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the helpers can overflow and would then result to skip the cache cleaning/invalidation. Therefore there is no guarantee when all the writes will reach the memory. |
6.7 | 2023-11-10 | CVE-2023-4949 | An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. |
7.8 | 2023-09-22 | CVE-2023-34319 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver. |
6.5 | 2023-08-11 | CVE-2022-40982 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
5.5 | 2023-08-08 | CVE-2023-20588 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. |
5.5 | 2023-07-24 | CVE-2023-20593 | An issue in “Zen 2†CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. |
8.8 | 2023-06-07 | CVE-2022-4949 | The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers with Contributor+ level privileges to upload arbitrary files on the affected sites server which makes remote code execution possible. |
3.3 | 2023-05-17 | CVE-2022-42336 | Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active. |
7.8 | 2023-04-25 | CVE-2022-42335 | x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control. |
6.5 | 2023-03-21 | CVE-2022-42334 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334). |
8.6 | 2023-03-21 | CVE-2022-42333 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334). |
7.8 | 2023-03-21 | CVE-2022-42332 | x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated. |
5.5 | 2023-03-21 | CVE-2022-42331 | x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks. |
7.5 | 2023-01-26 | CVE-2022-42330 | Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact. |
5.5 | 2022-11-09 | CVE-2022-23824 | IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
12% (49) | CWE-20 | Improper Input Validation |
12% (46) | CWE-264 | Permissions, Privileges, and Access Controls |
7% (30) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
7% (29) | CWE-362 | Race Condition |
7% (28) | CWE-399 | Resource Management Errors |
7% (28) | CWE-200 | Information Exposure |
4% (17) | CWE-770 | Allocation of Resources Without Limits or Throttling |
2% (10) | CWE-787 | Out-of-bounds Write |
2% (10) | CWE-476 | NULL Pointer Dereference |
2% (10) | CWE-284 | Access Control (Authorization) Issues |
2% (9) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (9) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (9) | CWE-17 | Code |
2% (8) | CWE-459 | Incomplete Cleanup |
1% (7) | CWE-755 | Improper Handling of Exceptional Conditions |
1% (7) | CWE-189 | Numeric Errors |
1% (6) | CWE-416 | Use After Free |
1% (6) | CWE-269 | Improper Privilege Management |
1% (5) | CWE-682 | Incorrect Calculation |
1% (4) | CWE-212 | Improper Cross-boundary Removal of Sensitive Data |
0% (3) | CWE-404 | Improper Resource Shutdown or Release |
0% (3) | CWE-254 | Security Features |
0% (3) | CWE-203 | Information Exposure Through Discrepancy |
0% (3) | CWE-125 | Out-of-bounds Read |
0% (3) | CWE-16 | Configuration |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10313 | The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to... |
oval:org.mitre.oval:def:19861 | DSA-2508-1 kfreebsd-8 - privilege escalation |
oval:org.mitre.oval:def:19281 | CRITICAL PATCH UPDATE OCTOBER 2012 |
oval:org.mitre.oval:def:15596 | User Mode Scheduler Memory Corruption Vulnerability (CVE-2012-0217) |
oval:org.mitre.oval:def:21551 | RHSA-2012:1130: xen security update (Moderate) |
oval:org.mitre.oval:def:23412 | ELSA-2012:1130: xen security update (Moderate) |
oval:org.mitre.oval:def:27844 | DEPRECATED: ELSA-2012-1130 -- xen security update (moderate) |
oval:org.mitre.oval:def:20953 | RHSA-2013:0241: xen security update (Moderate) |
oval:org.mitre.oval:def:23430 | ELSA-2013:0241: xen security update (Moderate) |
oval:org.mitre.oval:def:25518 | SUSE-SU-2014:0411-1 -- Security update for Xen |
oval:org.mitre.oval:def:26932 | DEPRECATED: ELSA-2013-0241 -- xen security update (moderate) |
oval:org.mitre.oval:def:17653 | DSA-2544-1 xen - denial of service |
oval:org.mitre.oval:def:25115 | SUSE-SU-2014:0446-1 -- Security update for Xen |
oval:org.mitre.oval:def:21575 | RHSA-2012:1234: qemu-kvm security update (Important) |
oval:org.mitre.oval:def:21464 | RHSA-2012:1235: kvm security update (Important) |
oval:org.mitre.oval:def:21145 | RHSA-2012:1236: xen security update (Important) |
oval:org.mitre.oval:def:19980 | DSA-2545-1 qemu - multiple |
oval:org.mitre.oval:def:18326 | DSA-2542-1 qemu-kvm - multiple |
oval:org.mitre.oval:def:18182 | USN-1590-1 -- qemu-kvm vulnerability |
oval:org.mitre.oval:def:23955 | ELSA-2012:1234: qemu-kvm security update (Important) |
oval:org.mitre.oval:def:22996 | ELSA-2012:1236: xen security update (Important) |
oval:org.mitre.oval:def:22862 | ELSA-2012:1235: kvm security update (Important) |
oval:org.mitre.oval:def:27797 | DEPRECATED: ELSA-2012-1236 -- xen security update (important) |
oval:org.mitre.oval:def:27721 | DEPRECATED: ELSA-2012-1234 -- qemu-kvm security update (important) |
oval:org.mitre.oval:def:27565 | DEPRECATED: ELSA-2012-1235 -- kvm security update (important) |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
75241 | Linux Kernel SAHF Instruction Emulation Remote DoS |
74873 | Xen x86_64__addr_ok() Macro Off-by-one Unprivileged Local Host DoS |
74868 | Xen VM Exit CPUID Instruction Emulation Handling Unprivileged Local DoS |
74656 | Linux Kernel Xen Hypervisor Implementation SMP Guest Malicious User Process L... |
74629 | Xen DMA Request Parsing IOMMU Fault Local DoS |
71331 | Xen xen/arch/x86/domain.c arch_set_info_guest() Pagetable Local DoS |
54474 | Xen arch/i386/kernel/entry-xen.S hypervisor_callback() Function Local DoS |
OpenVAS Exploits
id | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities) File : nvt/deb_2582_1.nasl |
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN) File : nvt/gb_suse_2012_1572_1.nasl |
2012-12-13 | Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen) File : nvt/gb_suse_2012_0886_1.nasl |
2012-12-13 | Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu) File : nvt/gb_suse_2012_1170_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security) File : nvt/gb_suse_2012_1172_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security) File : nvt/gb_suse_2012_1174_1.nasl |
2012-12-06 | Name : RedHat Update for kernel RHSA-2012:1540-01 File : nvt/gb_RHSA-2012_1540-01_kernel.nasl |
2012-12-06 | Name : CentOS Update for kernel CESA-2012:1540 centos5 File : nvt/gb_CESA-2012_1540_kernel_centos5.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
2012-11-15 | Name : CentOS Update for kernel CESA-2012:1445 centos5 File : nvt/gb_CESA-2012_1445_kernel_centos5.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
2012-11-15 | Name : RedHat Update for kernel RHSA-2012:1445-01 File : nvt/gb_RHSA-2012_1445-01_kernel.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-10-16 | Name : Fedora Update for qemu FEDORA-2012-15740 File : nvt/gb_fedora_2012_15740_qemu_fc17.nasl |
2012-10-03 | Name : Ubuntu Update for qemu-kvm USN-1590-1 File : nvt/gb_ubuntu_USN_1590_1.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2542-1 (qemu-kvm) File : nvt/deb_2542_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2543-1 (xen-qemu-dm-4.0) File : nvt/deb_2543_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2544-1 (xen) File : nvt/deb_2544_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2545-1 (qemu) File : nvt/deb_2545_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0202 | Citrix XenServer Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0061343 |
2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
2014-B-0099 | Multiple Vulnerabilities in Citrix XenServer Severity: Category I - VMSKEY: V0053313 |
2013-B-0048 | Multiple Vulnerabilities in Citrix XenServer Severity: Category I - VMSKEY: V0037950 |
2012-A-0020 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0031252 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-24 | OMRON CX-One MCI file stack buffer overflow attempt RuleID : 51192 - Type : FILE-OTHER - Revision : 1 |
2019-09-24 | OMRON CX-One MCI file stack buffer overflow attempt RuleID : 51191 - Type : FILE-OTHER - Revision : 1 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46835 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46834 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows ROP gadget locate attempt RuleID : 46833 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows ROP gadget locate attempt RuleID : 46832 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46831 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46830 - Type : OS-WINDOWS - Revision : 1 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34488 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34487 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34486 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34485 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34484 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34483 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34482 - Type : OS-OTHER - Revision : 4 |
2015-06-23 | QEMU floppy disk controller buffer overflow attempt RuleID : 34481 - Type : OS-OTHER - Revision : 4 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-15 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4369.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-683dfde81a.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-73dd8de892.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-8422d94975.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a24754252a.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a7862a75f5.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-cc812838fb.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-dbebca30d0.nasl - Type: ACT_GATHER_INFO |
2018-11-26 | Name: A server virtualization platform installed on the remote host is missing a se... File: citrix_xenserver_CTX239432.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f20a0cead5.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: A server virtualization platform installed on the remote host is missing a se... File: citrix_xenserver_CTX239100.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO |
2018-10-31 | Name: The remote Debian host is missing a security update. File: debian_DLA-1559.nasl - Type: ACT_GATHER_INFO |
2018-10-31 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO |
2018-10-19 | Name: The remote Debian host is missing a security update. File: debian_DLA-1549.nasl - Type: ACT_GATHER_INFO |
2018-10-10 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4313.nasl - Type: ACT_GATHER_INFO |
2018-10-04 | Name: The remote Debian host is missing a security update. File: debian_DLA-1531.nasl - Type: ACT_GATHER_INFO |
2018-10-02 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4308.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1263.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO |
2018-09-07 | Name: The remote Debian host is missing a security update. File: debian_DLA-1493.nasl - Type: ACT_GATHER_INFO |
2018-09-07 | Name: The remote Debian host is missing a security update. File: debian_DLA-1497.nasl - Type: ACT_GATHER_INFO |
2018-09-04 | Name: The remote Fedora host is missing a security update. File: fedora_2018-915602df63.nasl - Type: ACT_GATHER_INFO |