Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-34310

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.12 views

Azure Linux 3.0 Security Update: qemu (CVE-2023-2861)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2861 advisory. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.51 views

Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...

7.1CVSS6.3AI score0.00376EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.31 views

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2906)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...

8.8CVSS6.9AI score0.01606EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.36 views

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2023-2999)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

7.5CVSS6.4AI score0.01606EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/01/09 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-6567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01891EPSS
Exploits5References2
Ubuntu
Ubuntu
added 2024/01/08 5:46 p.m.74 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8CVSS7.1AI score0.01891EPSS
Exploits5
NVD
NVD
added 2023/12/06 7:15 a.m.19 views

CVE-2023-2861

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS0.00376EPSS
Exploits0References5
OSV
OSV
added 2023/12/06 6:19 a.m.60 views

CVE-2023-2861 Qemu: 9pfs: improper access control on special files

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

6CVSS6.8AI score0.00376EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2023/12/06 6:19 a.m.35 views

CVE-2023-2861

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS6.7AI score0.00376EPSS
Exploits0
CVE
CVE
added 2023/12/06 6:19 a.m.183 views

CVE-2023-2861

The CVE-2023-2861 issue affects QEMU’s 9pfs (9p passthrough filesystem) where the server allowed opening host-side special files, potentially enabling a malicious client to escape the exported 9p tree by creating/opening a device file in the shared folder. Affected are QEMU implementations in var...

7.1CVSS6.5AI score0.00376EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.01606EPSS
Exploits0References2
Prion
Prion
added 2023/07/24 4:15 p.m.19 views

Design/Logic Flaw

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

4.3CVSS7.3AI score0.00223EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2023/07/03 8:17 a.m.26 views

CVE-2023-2861

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

6CVSS6.8AI score0.00376EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/07 12:0 a.m.4 views

PT-2023-9641 · Qemu +1 · Qemu +1

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the 9p passthrough filesystem 9pfs implementation. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly...

7.8CVSS6.6AI score0.00223EPSS
Exploits0References20
Rows per page
Query Builder