35 matches found

BDU FSTEC
added 2022/11/07 12:0 a.m. · 5 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to the double memory release during the processing of input/output messages from the smart card. Exploiting this vulnerability allows an attacker to gain full control over the application by sending specially...

8.1 CVSS · 6.7 AI score · 0.01136 EPSS
Exploits 0 · References 3 · Affected Software 1
ATTACKERKB
added 2022/10/18 9:15 p.m. · 8 views

CVE-2022-39425

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...

8.1 CVSS · 7.3 AI score · 0.01635 EPSS
Exploits 0 · References 3
Positive Technologies
added 2022/10/18 12:0 a.m. · 4 views

PT-2022-5337 · Oracle +1 · Virtualbox +1

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.40 Description: The issue is related to a double free memory error when handling smart card input/output messages in the Core component of Oracle VM VirtualBox. This can be exploited by a remote...

8.8 CVSS · 6 AI score · 0.02167 EPSS
Exploits 1 · References 118
BDU FSTEC
added 2022/04/20 12:0 a.m. · 8 views

The vulnerability of the Display Key Combination Switches in the Wayland server display protocol implementation allows a hacker to compromise data integrity or cause service failures.

The vulnerability of the Display Key Combination Daemon in the Wayland display protocol implementation relates to the ability to save the PID of a process in the /tmp/swhks.pid file and incorporate the PID of an existing process into it. Exploiting this vulnerability allows a remote attacker to...

9.4 CVSS · 7.1 AI score · 0.00493 EPSS
Exploits 1 · References 6 · Affected Software 1
CNVD
added 2022/04/18 12:0 a.m. · 20 views

SWHKD has unspecified vulnerabilities

SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...

3.3 CVSS · 2.9 AI score · 0.00446 EPSS
Exploits 1 · References 1
CNVD
added 2022/04/07 12:0 a.m. · 14 views

SWHKD has unspecified vulnerabilities (CNVD-2022-43218)

SWHKD is a display protocol-independent hotkey daemon made with Rust. A security vulnerability exists in SWHKD, which stems from the insecure use of the /tmp/swhkd.sock pathname. An attacker could exploit the vulnerability to obtain sensitive information or launch a denial-of-service attack...

9.1 CVSS · 2.1 AI score · 0.01737 EPSS
Exploits 0 · References 1
CNVD
added 2022/04/01 12:0 a.m. · 16 views

SWHKD Denial of Service Vulnerability

SWHKD is a display protocol independent hotkey daemon made in Rust. A denial of service vulnerability exists in SWHKD version 1.1.5, which stems from the insecure use of the /tmp/swhks.pid pathname and can be exploited by an attacker to potentially cause a denial of service...

7.1 CVSS · 6.7 AI score · 0.00493 EPSS
Exploits 1 · References 1
RedHat Linux
added 2020/06/30 2:15 p.m. · 6 views

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

3.5 CVSS · 7.1 AI score · 0.00866 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2019/02/11 12:0 a.m. · 93 views

CentOS 6 : spice-server (CESA-2019:0232)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5 CVSS · 7.1 AI score · 0.01208 EPSS
Exploits 0 · References 2
RedHat Linux
added 2019/01/31 6:28 p.m. · 134 views

Important: Red Hat Security Advisory: spice-server security update

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5 CVSS · 6.9 AI score · 0.01208 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2018/11/21 12:0 a.m. · 29 views

CentOS 6 : spice-server (CESA-2018:3522)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8 CVSS · 8 AI score · 0.04204 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2018/11/21 12:0 a.m. · 31 views

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2018-3522)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8 CVSS · 7.9 AI score · 0.04204 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2018/11/09 12:0 a.m. · 28 views

Oracle Linux 6 : spice-server (ELSA-2018-3522)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3522 advisory. - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 Tenable has extracte...

8.8 CVSS · 7.7 AI score · 0.04204 EPSS
Exploits 0 · References 2
RedHat Linux
added 2018/11/07 11:4 p.m. · 568 views

Important: Red Hat Security Advisory: spice-server security update

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8 CVSS · 7.5 AI score · 0.04204 EPSS
Exploits 0 · References 2
OSV
added 2018/10/17 1:31 a.m. · 3 views

CVE-2018-3294

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...

9 CVSS · 7.3 AI score
Exploits 0 · References 4
RedHat Linux
added 2018/09/20 3:27 p.m. · 75 views

Important: Red Hat Security Advisory: spice-gtk and spice-server security update

An update for spice-gtk and spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8 CVSS · 7.6 AI score · 0.03934 EPSS
Exploits 0 · References 2
OSV
added 2017/09/06 9:29 p.m. · 3 views

UBUNTU-CVE-2015-8316

Array index error in LightDM aka Light Display Manager 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service process crash via an XDMCP request packet with no address...

5.9 CVSS · 6.3 AI score · 0.01748 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2017/07/13 12:0 a.m. · 27 views

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2017-0253)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8 CVSS · 7.6 AI score · 0.03844 EPSS
Exploits 0 · References 4
RedHat Linux
added 2017/06/14 3:20 p.m. · 9 views

Qemu: cirrus: heap buffer overflow via vnc connection

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash...

9.9 CVSS · 7.8 AI score · 0.04448 EPSS
Exploits 0 · References 4
RedHat Linux
added 2017/04/18 1:55 p.m. · 4 views

Qemu: cirrus: heap buffer overflow via vnc connection

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash...

9.9 CVSS · 7.8 AI score · 0.04448 EPSS
Exploits 0 · References 4