Linux Distros Unpatched Vulnerability : CVE-2017-17381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide- by-zero error and QEMU process crash by unsetting vring...

RHEL 7 : qemu-kvm-ma (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - QEMU: msix: OOB access during mmio operations may lead to DoS CVE-2020-13754 - The Virtio Vring...

SUSE: Security Advisory (SUSE-SU-2018:0831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-17381

The CVE-2020-17381 entry concerns Ghisler Total Commander 9.51. The issue is a local privilege escalation caused by insufficient access restrictions in the default installation directory, enabling an attacker to replace the TOTALCMD64.EXE binary under %SYSTEMDRIVE% (Total Commander directory) to ...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1573)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1367)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-17381

SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filterorderDir or filterorder parameter...

CVE-2018-17381

The CVE-2018-17381 vulnerability affects the Joomla! Dutch Auction Factory 2.0.2 component. A SQL Injection exists via the filter_order_Dir or filter_order parameter due to insufficient validation of externally supplied SQL statements in the database layer, enabling potentially unauthorized queri...

qemu security update

15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...

qemu security update

15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...

[SECURITY] [DSA 4213-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4213-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2018:0831-1) (Spectre)

This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

Security update for qemu (important)

This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

USN-3575-2: QEMU regression

USN-3575-1 fixed vulnerabilities in QEMU. The fix for CVE-2017-11334 caused a regression in Xen environments. This update removes the problematic fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that QEMU incorrectly handled guest...

USN-3575-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-11334 David Buchanan discovered that QEMU...

CVE-2017-17381

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide-by-zero error and QEMU process crash by unsetting vring alignment while updating Virtio rings...

CVE-2017-17381

CVE-2017-17381 is rejected/not used per the Initial Description.

CVE-2017-17381

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide-by-zero error and QEMU process crash by unsetting vring alignment while updating Virtio rings...