CVE-2019-17380

cPanel before 82.0.15 allows self XSS in the WHM Update Preferences interface SEC-528...

Trend Micro Deep Security Agent 安全漏洞

Trend Micro Deep Security Agent is a security solution from Trend Micro, Inc. that is primarily used to protect data and applications in servers, virtual machines, and cloud environments. A security vulnerability exists in versions prior to Trend Micro Deep Security Agent 20.0.1-17380, which stem...

BELL-CVE-2020-17380 CVE-2020-17380 does not affect BellSoft software

Bulletin has no description...

SUSE: Security Advisory (SUSE-SU-2023:0761-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-3362-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3594-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2021:1942-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1735)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1763)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Out-of-bounds

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resultin...

CVE-2020-17380 affecting package qemu-kvm 4.2.0-48

CVE-2020-17380 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...

CVE-2020-17380

creationtimestamp| type| source ---|---|--- 2021-01-30 13:25:11+00:00| seen| https://t.me/cibsecurity/22874 2021-03-23 23:38:32+00:00| seen| https://t.me/cibsecurity/25344 2023-11-29 05:12:44+00:00| seen| https://t.me/arpsyndicate/669...

CVE-2020-17380

CVE-2020-17380 (QEMU SDHCI) affects QEMU up to 5.0.0 in the SDHCI device emulation (hw/sd/sdhci.c). The flaw is a heap-based buffer overflow that can occur during a multi-block SDMA transfer in sdhci_sdma_transfer_multi_blocks(). A guest user or process could crash the QEMU host process or, poten...

CVE-2020-17380

A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhcisdmatransfermultiblocks routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4650-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4650-1 advisory. Alexander Bulekov discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this...

CVE-2017-17380

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none...

CVE-2017-17380

...

CVE-2017-17380

CVE-2017-17380 is rejected and not used per the Initial Description.

CVE-2020-17380

A flaw was found in QEMU. A heap-based buffer overflow vulnerability was found in the SDHCI device emulation support allowing a guest user or process to crash the QEMU process on the host resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU...