Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.25 views

CentOS 7 : qemu-kvm-ma (RHSA-2020:3907)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3907 advisory. - qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for...

5.5CVSS6.4AI score0.00866EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/23 12:0 a.m.8 views

QEMU 安全漏洞

QEMU Quick Emulator is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. A security vulnerability exists in QEMU, which stems from the fact that an attacker can trigger a denial of service by triggering a...

6CVSS7AI score0.00552EPSS
Exploits1References6
F5 Networks
F5 Networks
added 2023/02/21 7:0 p.m.42 views

K75952001: QEMU vulnerability CVE-2019-15890

Security Advisory Description libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported...

7.5CVSS7AI score0.04027EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.215 views

AlmaLinux 8 : virt:rhel (ALSA-2020:2774)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:2774 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 QEMU: vnc: memory leakage upon disconnect CVE-2019-20382 Tenable has extract...

6.8CVSS6.5AI score0.02486EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/06/12 12:0 a.m.76 views

SUSE SLES12: qemu / qemu-arm / qemu-block-curl / qemu-block-iscsi / etc (SUSE-SU-2021:1947-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1947-1 advisory. - Fix OOB access during mmio operations CVE-2020-13754, bsc1172382 - Fix out-of-bounds read information disclosure in...

7.5CVSS6.7AI score0.05447EPSS
Exploits2References30
Prion
Prion
added 2020/12/31 1:15 a.m.29 views

Heap overflow

iscsiaioioctlcb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker...

2.1CVSS4.4AI score0.00463EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/12/31 1:15 a.m.19 views

Out-of-bounds

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the aticursordefine routine while handling MMIO write operations through the atimmwrite callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service...

2.1CVSS6.1AI score0.0033EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/12/31 1:15 a.m.4 views

UBUNTU-CVE-2020-11947

iscsiaioioctlcb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker...

3.8CVSS6.8AI score0.00463EPSS
Exploits0References4
CVE
CVE
added 2020/12/31 12:13 a.m.352 views

CVE-2020-11947

CVE-2020-11947 affects QEMU 4.1.0: iscsi_aio_ioctl_cb in block/iscsi.c performs a heap-based buffer over-read, potentially disclosing unrelated process memory to an attacker (information disclosure). The provided documents do not specify a patched version or exact remediation steps. No exploitati...

3.8CVSS5AI score0.00463EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/12/31 12:13 a.m.24 views

CVE-2020-11947

iscsiaioioctlcb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker...

5.4AI score0.00463EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.45 views

Amazon Linux 2 : qemu (ALAS-2020-1570)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1570 advisory. A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ipreass...

7.5CVSS6.9AI score0.04027EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/03/05 6:27 p.m.28 views

CVE-2019-20382

QEMU 4.1.0 has a memory leak in zrlecompressdata in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd...

5.2AI score0.00866EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/12/10 12:0 a.m.10 views

PT-2020-6467

Name of the Vulnerable Software and Affected Versions QEMU version 4.1.0 Description The issue is related to a heap-based buffer over-read in the iscsi aio ioctl cb function in the block/iscsi.c file. This may disclose unrelated information from process memory to an attacker. The vulnerability is...

6.4CVSS6.7AI score0.00463EPSS
Exploits0References201
Prion
Prion
added 2019/09/06 5:15 p.m.19 views

Design/Logic Flaw

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c...

5CVSS7.2AI score0.04027EPSS
Exploits0References9Affected Software2
UbuntuCve
UbuntuCve
added 2019/09/06 5:15 p.m.48 views

CVE-2019-15890

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c...

7.5CVSS6.9AI score0.04027EPSS
Exploits0References5
CVE
CVE
added 2019/09/06 4:55 p.m.424 views

CVE-2019-15890

CVE-2019-15890 affects libslirp 4.0.0 (used in QEMU 4.1.0). A use-after-free in ip_reass() within ip_input.c can crash the process, leading to a potential denial of service. The vulnerability is exploitable over the network, with no authentication or user interaction required per the CVSS: AV:N/A...

7.5CVSS7.5AI score0.04027EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2019/09/06 4:55 p.m.42 views

CVE-2019-15890

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c...

7.5CVSS7.4AI score0.04027EPSS
Exploits0
Rows per page
Query Builder