CVE-2024-45819 – libxl leaks data to PVH guests via ACPI tables
https://notcve.org/view.php?id=CVE-2024-45819
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. • https://xenbits.xenproject.org/xsa/advisory-464.html http://www.openwall.com/lists/oss-security/2024/11/12/1 http://www.openwall.com/lists/oss-security/2024/11/12/10 http://www.openwall.com/lists/oss-security/2024/11/12/7 http://xenbits.xen.org/xsa/advisory-464.html •
CVE-2024-45818 – Deadlock in x86 HVM standard VGA handling
https://notcve.org/view.php?id=CVE-2024-45818
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. • https://xenbits.xenproject.org/xsa/advisory-463.html http://www.openwall.com/lists/oss-security/2024/11/12/2 http://xenbits.xen.org/xsa/advisory-463.html •
CVE-2024-4230
https://notcve.org/view.php?id=CVE-2024-4230
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute arbitrary malicious code, resulting in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. • https://jvn.jp/vu/JVNVU92857077/index.html https://www.edgecross.org/client_info/EDGECROSS/view/userweb/ext/en/data-download/pdf/ECD-TE10-0003-01-EN.pdf • CWE-73: External Control of File Name or Path •
CVE-2024-4229
https://notcve.org/view.php?id=CVE-2024-4229
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute arbitrary malicious code, resulting in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than a folder that only users with administrative privilege have permission to modify. • https://jvn.jp/vu/JVNVU92857077/index.html https://www.edgecross.org/client_info/EDGECROSS/view/userweb/ext/en/data-download/pdf/ECD-TE10-0003-01-EN.pdf • CWE-276: Incorrect Default Permissions •
CVE-2022-27600 – QTS, QuTS hero, QuTScloud
https://notcve.org/view.php?id=CVE-2022-27600
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2277 and later; QTS 4.5.4.2280 build 20230112 and later; QuTS hero h5.0.1.2277 build 20230112 and later; QuTS hero h4.5.4.2374 build 20230417 and later; QuTScloud c5.0.1.2374 and later. • https://www.qnap.com/en/security-advisory/qsa-23-09 • CWE-400: Uncontrolled Resource Consumption • CWE-798: Use of Hard-coded Credentials •