88 matches found
CVE-2024-22252
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
SUSE CVE-2020-16092
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in...
SUSE CVE-2020-26278
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take over any host in the cluster. Weave Net is...
QEMU Buffer Overflow Vulnerability (CNVD-2022-84156)
QEMU Quick Emulator is a set of emulation processor software by Fabrice Bellard, a French personal developer. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from a lack of validation of the input data size or length in the readerstrecord and...
QEMU 安全漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU's USB xHCI controller that stems from the presence of an infinite loop flaw. An attacker could exploit...
CVE-2021-3582
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMACMDCREATEMR" command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this...
CVE-2021-22040
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...
QEMU 数字错误漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A code issue vulnerability exists in QEMU, which stems from a found a division by zero issue in the dwc2handlepacket handler package in the...
Microsoft Windows splwow64 Out-Of-Bounds Read Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...
QEMU msix_table_mmio_write() buffer overflow vulnerability
QEMU is a suite of analog processor software. A buffer overflow vulnerability exists in QEMU msixtablemmiowrite. An attacker could exploit the vulnerability to crash the QEMU process on the host, resulting in a denial of service...
CVE-2020-17380
A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhcisdmatransfermultiblocks routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the...
Lazarus Group Surfaces with Advanced Malware Framework
The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...
Domain controller freezes when an event subscription manager list is long in Windows 7 and Windows Server 2008 R2
Domain controller freezes when an event subscription manager list is long in Windows 7 and Windows Server 2008 R2 Symptoms Assume that a domain consists of Windows 7 Service Pack 1 SP1 and Windows Server 2008 R2 SP1 servers and clients. Additionally, an event subscription manager list that is...
DEBIAN-CVE-2019-20175
An issue was discovered in idedmacb in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSIIOCTLSENDCOMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 the size...
CVE-2019-5540
VMware Workstation 15.x before 15.5.1 and Fusion 11.x before 11.5.1 contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process...
Information disclosure
VMware Workstation 15.x before 15.5.1 and Fusion 11.x before 11.5.1 contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process...
QEMU: slirp: heap buffer overflow during packet reassembly
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...
Denial Of Service (DoS)
spice-server is vulnerable to denial of service. A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash t...
Arbitrary Code Execution
QEMU is vulnerable to arbitrary code execution. An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on...
CVE-2016-8577
Memory leak in the v9fsread function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via vectors related to an I/O read operation...