Lucene search
K

2301 matches found

Chainguard
Chainguard
added 4 days ago6 views

GHSA-QHPR-79XW-32M8 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-gcp, linux-qemu, linux-qemu-melange, linux-aws...

6.1AI score
Exploits0
Chainguard
Chainguard
added 4 days ago6 views

GHSA-CM56-MVX6-66QM vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-gcp, linux-qemu, linux-qemu-melange, linux-aws...

6.1AI score
Exploits0
Chainguard
Chainguard
added 4 days ago7 views

GHSA-GVRM-XH5G-W8V6 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-gcp, linux-qemu, linux-qemu-melange, linux-aws...

6.1AI score
Exploits0
EUVD
EUVD
added 2026/06/19 4:23 p.m.33 views

EUVD-2026-38043

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.8CVSS7AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:23 p.m.56 views

CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36745

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

5.2AI score0.00479EPSS
Exploits2References2
NVD
NVD
added 2026/06/15 8:16 p.m.12 views

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

7.8CVSS0.00479EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.33 views

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

0.00479EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49285

Name of the Vulnerable Software and Affected Versions Microvirt MEmu Android Emulator version 9.2.7.0 Description A flaw in the MemuService.exe component allows a local attacker to perform a Windows Service Hijacking attack, leading to local privilege escalation to SYSTEM level. Recommendations A...

7.8CVSS5.2AI score0.00479EPSS
Exploits2References3
CVE
CVE
added 2026/06/15 12:0 a.m.31 views

CVE-2026-36213

The vulnerability CVE-2026-36213 affects Microvirt MEmu Android Emulator (Windows) up to version 9.2.7.0, in the MemuService.exe component. The issue enables local privilege escalation because the MemuSVC service runs with SYSTEM-level privileges while its binary is writable by a local user, allo...

7.8CVSS5.3AI score0.00479EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.29 views

QEMU 8.1.x < 10.0.10 / 10.2.x < 10.2.3 / 11.0.x < 11.0.1 Privilege Escalation

The version of QEMU installed on the remote Windows host is affected by a privilege escalation vulnerability: - An integer overflow exists in the calcimagehostmem function within the virtio-gpu driver due to the lack of proper validation of user-supplied data before allocating a buffer. A local...

8.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.19 views

EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2026-2392)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob...

8.2CVSS7.8AI score0.01162EPSS
Exploits0References11
Packet Storm
Packet Storm
added 2026/06/11 12:0 a.m.58 views

📄 MEmu Android Emulator 9.2.7.0 Privilege Escalation

MEmu Android Emulator version 9.2.7.0 suffers from a local privilege escalation vulnerability via insecure permissions. CVE-2026-36213 CVE-2026-36213 | Local Privilege Escalation in MEmu Android Emulator 9.2.7.0 via Insecure Service Binary Permissions | Patched in 9.3.2 CVE-2026-36213 — MEmu...

7.8CVSS5.4AI score0.00479EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2026-2040)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.CVE-2025-12748 Tenab...

5.5CVSS5.6AI score0.00204EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/20 7:57 a.m.11 views

CVE-2026-45036

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...

7CVSS6.2AI score0.0013EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

In QEMU, the softmmu/physmem.c file, versions up to 7.0.0, can perform an uninitialized read on the translatefail path, resulting in an ioreadx or iowritex crash. NOTE: A third-party report states that the “Non-virtualization Use Case” described in the qemu.org reference applies here. In other...

8.8CVSS7.6AI score0.00656EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

The ethgetgsotype function in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process by sending packet data that lacks a valid Layer 3 protocol...

6.5CVSS6.8AI score0.02515EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

In QEMU 5.1.0, the ideatapicmdreplyend variable in hw/ide/atapi.c allows out-of-bounds read access, as the buffer index is not validated...

3.9CVSS6.5AI score0.00369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

In QEMU 5.0.0, the file hw/net/e1000ecore.c contains an infinite loop that occurs due to a NULL buffer address in the RX descriptor...

5.5CVSS6.8AI score0.00654EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

A “off-by-one” read/write issue was identified in the SDHCI device of QEMU. This issue occurs when reading/writing the Buffer Data Port Register using the sdhcireaddataport and sdhciwritedataport functions, specifically when datacount == blocksize. A malicious guest could exploit this flaw to cra...

8.6CVSS6.9AI score0.00802EPSS
Exploits0References2
Rows per page
Query Builder