849 matches found
DEBIAN-CVE-2014-9718
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete...
CVE-2014-9718
CVE-2014-9718 affects QEMU 1.0–2.1.3 (IDE: BMDMA and AHCI HBA). The vulnerability comes from multiple interpretations of a function return value in bmdma_prepare_buf/ahci_dma_prepare_buf, allowing a guest OS user to trigger host DoS via a PRDT with zero complete sectors, potentially causing memor...
CVE-2014-9718
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete...
UBUNTU-CVE-2014-9718
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete...
[SECURITY] Fedora 20 Update: qt-creator-3.2.2-2.fc20
Qt Creator is a cross-platform IDE (integrated development environment) tailored to the needs of Qt developers...
Mandriva Linux Security Advisory : qemu (MDVSA-2015:061)
Updated qemu packages fix multiple security vulnerabilities: Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service (CVE-2013-4377). Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 device...
Codiad short_name Cross-Site Scripting Vulnerability
Codiad is an open source Web-based IDE application for writing and editing code online. A cross-site scripting vulnerability exists in Codiad components/filemanager/dialog.php, which allows injection of arbitrary web script or HTML via the short_name parameter, which can obtain sensitive...
Faraday v1.0.7 - Integrated Penetration-Test Environment a multiuser Penetration test IDE
Faraday introduces a new concept, IPE (Integrated Penetration-Test Environment), a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the...
openSUSE Security Update : subversion (openSUSE-SU-2014:1725-1)
This Apache Subversion update fixes the following security and non-security issues. - Apache Subversion 1.8.11 - This release addresses two security issues: boo909935 - CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests. - CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names....
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Codiad - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor: http://codiad.com/ Vendor Name: Codiad Version:...
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion Vulnerabilities
Codiad version 2.4.3 suffers from cross site scripting and local file inclusion vulnerabilities. Exploit Title: Codiad - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor: http://codiad.com/ Vendor Name: Codiad Version: 2.4.3 CVE: CVE-2014-1137 Author:...
Codiad 2.4.3 - Multiple Vulnerabilities
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Codiad 2.4.3 - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor: http://codiad.com/ Vendor Name: Codiad...
Codiad 2.4.3 - Multiple Vulnerabilities
Codiad 2.4.3 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Codiad 2.4.3 - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor:...
[SECURITY] Fedora 20 Update: rocs-4.14.1-1.fc20
Graph Theory IDE...
QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
Oracle Linux 7 : qemu-kvm (ELSA-2014-0704)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0704 advisory. 1.5.3-60.el70.2 - kvm-pc-add-hotaddcpu-callback-to-all-machine-types.patch bz1094820 - Resolves: bz1094820 Hot plug CPU not working with RHEL6 machine types...
SuSE 11.3 Security Update : KVM (SAT Patch Number 9302)
Several security issues in KVM have been fixed. Some issues could have resulted in arbitrary code execution or crash of the kvm host. - virtio-net: buffer overflow in virtio_net_handle_mac function. (CVE-2014-0150) - Fixed out of bounds buffer accesses, guest triggerable via IDE SMART. (CVE-2014-2894) -...
Moderate: Red Hat Security Advisory: qemu-kvm security and bug fix update
Updated qemu-kvm packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severit...