MiracleLinux 9 : qemu-kvm-6.2.0-11.el9.3 (AXSA:2022-4021:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4021:02 advisory. QEMU: virtio-net: map leaking on error during receive CVE-2022-26353 QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak...

Linux Distros Unpatched Vulnerability : CVE-2022-26353

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached...

CVE-2025-26353

A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...

CVE-2025-26353

A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...

CVE-2025-26353

CVE-2025-26353 corresponds to a CWE-35 Path Traversal in Q-Free MaxTime

CVE-2025-26353

A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests...

Azure Linux 3.0 Security Update: qemu (CVE-2022-26353)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26353 advisory. - A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for...

CBL Mariner 2.0 Security Update: qemu (CVE-2022-26353)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26353 advisory. - A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for...

CVE-2022-26353 affecting package qemu for versions less than 6.2.0-18

CVE-2022-26353 affecting package qemu for versions less than 6.2.0-18. A patched version of the package is available...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-26353

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26353

Adobe Dimension before 3.4.8 is affected by an out-of-bounds read vulnerability in USD file parsing that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires a victim to open a malicious file (user interaction). No in-the-wild exploitation is documented in th...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

K63714476: Linux kernel vulnerabilities CVE-2022-26353 and CVE-2021-3748

Security Advisory Description CVE-2022-26353 A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEM...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2880)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2022-2898)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the...

EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2022-2880)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the...

CVE-2020-26353

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

AlmaLinux 9 : qemu-kvm (ALSA-2022:5263)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5263 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

Oracle Linux 8 : kvm_utils2 (ELSA-2022-9862)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9862 advisory. - A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated message...