31 matches found
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2021-1660:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1660:01 advisory. QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm CVE-2021-20295 Tenable has extracted the preceding description block directly from the...
EUVD-2021-7720
Malicious code in bioql PyPI...
CVE-2025-20295
creationtimestamp| type| source ---|---|--- 2025-09-02 10:39:43+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkrlld2u 2025-09-02 10:39:44+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkroj32u 2025-09-02 10:39:46+00:00| seen|...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20295)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
CVE-2022-20295
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-20295
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands...
CVE-2024-20295
A vulnerability in the CLI of the Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or high...
CVE-2024-20295
creationtimestamp| type| source ---|---|--- 2024-04-18 11:08:28+00:00| published-proof-of-concept| https://t.me/truesecator/5651 2026-07-06 11:00:07+00:00| seen| https://t.me/ZerodayAlert/219 2026-07-07 00:00:19+00:00| seen| https://t.me/ZerodayAlert/219 2026-07-12 00:00:17+00:00| seen|...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:1064)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1064 advisory. - It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Re...
CVE-2021-20295 affecting package qemu-kvm 4.2.0-38
CVE-2021-20295 affecting package qemu-kvm 4.2.0-38. A patched version of the package is available...
CVE-2019-20295
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none...
CVE-2022-20295
creationtimestamp| type| source ---|---|--- 2022-08-12 18:33:24+00:00| seen| https://t.me/cibsecurity/48026...
CVE-2022-20295
CVE-2022-20295 affects Android 13 via a missing permission check in ContentService, enabling information disclosure by checking whether an account exists on the device. Impact is local, with no user interaction required beyond local access; exploits are described as requiring user privileges but ...
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756 which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756 refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.
...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
Security feature bypass
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
CVE-2021-20295 is a Red Hat–specific regression assigned to the absence of the previously delivered fix for CVE-2020-10756 in virt:rhel/qemu-kvm when updating RHSA-2020:4676 for RHEL 8.3. The issue arose because the update failed to include the fix that had been applied earlier via RHSA-2020:4059...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2021:1064)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1064 advisory. QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in AlmaLinux CVE-2021-20295 Tenable has extracted the preceding description block directly from the...