35 matches found
The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.
The vulnerability of the Core component of the Oracle VM VirtualBox software relates to the double memory release during the processing of input/output messages from the smart card. Exploiting this vulnerability allows an attacker to gain full control over the application by sending specially...
CVE-2022-39425
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...
PT-2022-5337 · Oracle +1 · Virtualbox +1
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.40 Description: The issue is related to a double free memory error when handling smart card input/output messages in the Core component of Oracle VM VirtualBox. This can be exploited by a remote...
The vulnerability of the Display Key Combination Switches in the Wayland server display protocol implementation allows a hacker to compromise data integrity or cause service failures.
The vulnerability of the Display Key Combination Demon in the Wayland display protocol implementation relates to the ability to save the PID of a process in the /tmp/swhks.pid file and incorporate the PID of an existing process into it. Exploiting this vulnerability allows a remote attacker to...
SWHKD has unspecified vulnerabilities
SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...
SWHKD has unspecified vulnerabilities (CNVD-2022-43218)
SWHKD is a display protocol-independent hotkey daemon made with Rust. A security vulnerability exists in SWHKD, which stems from the insecure use of the /tmp/swhkd.sock pathname. An attacker could exploit the vulnerability to obtain sensitive information or launch a denial-of-service attack...
SWHKD Denial of Service Vulnerability
SWHKD is a display protocol independent hotkey daemon made in Rust. A denial of service vulnerability exists in SWHKD version 1.1.5, which stems from the insecure use of the /tmp/swhks.pid pathname and can be exploited by an attacker to potentially cause a denial of service...
QEMU: vnc: memory leakage upon disconnect
A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...
CentOS 6 : spice-server (CESA-2019:0232)
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: spice-server security update
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CentOS 6 : spice-server (CESA-2018:3522)
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2018-3522)
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Oracle Linux 6 : spice-server (ELSA-2018-3522)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3522 advisory. - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 Tenable has extracte...
Important: Red Hat Security Advisory: spice-server security update
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2018-3294
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...
Important: Red Hat Security Advisory: spice-gtk and spice-server security update
An update for spice-gtk and spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
UBUNTU-CVE-2015-8316
Array index error in LightDM aka Light Display Manager 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service process crash via an XDMCP request packet with no address...
Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2017-0253)
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Qemu: cirrus: heap buffer overflow via vnc connection
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash...
Qemu: cirrus: heap buffer overflow via vnc connection
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash...