Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42588

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.0114EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58904

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01261EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-3354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.2 views

QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS7.1AI score0.01261EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/01/18 2:52 a.m.4 views

SUSE CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS6.4AI score0.01261EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/16 12:0 a.m.7 views

PT-2023-8255 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu clipboard request function can be reached before vnc server cut text caps was called and had...

8.8CVSS5.8AI score0.01891EPSS
Exploits5References150
RedHat Linux
RedHat Linux
added 2023/11/01 9:11 a.m.4 views

QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/10/10 2:18 p.m.4 views

QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2023/07/11 5:15 p.m.26 views

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
OSV
OSV
added 2023/07/11 5:15 p.m.5 views

AZL-35171 CVE-2023-3354 affecting package qemu for versions less than 8.2.0-1

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS6.6AI score0.01606EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 5:15 p.m.3 views

DEBIAN-CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS6.4AI score0.01606EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/07/11 5:15 p.m.32 views

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.44 views

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2023:2757)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2757 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 QEMU: VNC: integer underflow in vncclientcuttextext leads to CPU exhaustion CVE-2022-3165...

7.8CVSS7.5AI score0.05552EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.32 views

CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2023:2757)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2757 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream position is that ntfsck is deprecate...

7.8CVSS7.4AI score0.05552EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.29 views

Fedora 36 : qemu (2022-8dcdfe7297)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8dcdfe7297 advisory. vnc-clipboard: fix integer underflow in vncclientcuttextext CVE-2022-3165 rhbz2129759 Tenable has extracted the preceding description block directly from the...

6.5CVSS7.1AI score0.0114EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/12 12:0 a.m.36 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5772-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5772-1 advisory. It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this...

8.5CVSS7.1AI score0.02904EPSS
Exploits3References7
NVD
NVD
added 2022/10/17 4:15 p.m.21 views

CVE-2022-3165

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

6.5CVSS0.0114EPSS
Exploits0References4
OSV
OSV
added 2022/10/17 4:15 p.m.4 views

AZL-35160 CVE-2022-3165 affecting package qemu for versions less than 6.2.0-18

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

6.5CVSS5.7AI score0.0114EPSS
Exploits0References1
OSV
OSV
added 2022/10/17 4:15 p.m.0 views

DEBIAN-CVE-2022-3165

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

6.5CVSS6.7AI score0.0114EPSS
Exploits0References1
OSV
OSV
added 2022/10/17 4:15 p.m.6 views

UBUNTU-CVE-2022-3165

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

6.5CVSS6.8AI score0.0114EPSS
Exploits0References5
Rows per page
Query Builder