Lucene search
K

52 matches found

Amazon
Amazon
added 2025/11/10 12:0 a.m.4 views

Important: qemu

Issue Overview: A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QE...

8.2CVSS7.9AI score0.00834EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-0273

Malware in sbrugna...

2.1CVSS6AI score0.00385EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-34065

Malicious code in bioql PyPI...

8.2CVSS6.9AI score0.00399EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-51506

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00281EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2021-4207)

The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4207 advisory. - A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled...

8.2CVSS7.5AI score0.00399EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.27 views

CBL Mariner 2.0 Security Update: qemu (CVE-2022-4144)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4144 advisory. - An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxlphys2virt function doe...

6.5CVSS6.4AI score0.00281EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.3 views

An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.

...

6.5CVSS7AI score0.00281EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.3 views

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

...

8.2CVSS7AI score0.00834EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.35 views

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2023:0099)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0099 advisory. - An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxlphys2virt function does not check the size of the structure pointed to...

6.5CVSS6.4AI score0.00281EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/07/25 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/12 12:0 a.m.19 views

EulerOS Virtualization 3.0.6.0 : qemu (EulerOS-SA-2023-2255)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxlphys2virt function does not check the size ...

6.5CVSS6.4AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.28 views

EulerOS Virtualization 2.11.0 : qemu (EulerOS-SA-2023-2134)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...

8.8CVSS7.2AI score0.02701EPSS
Exploits9References17
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.30 views

EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-2082)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...

8.8CVSS7.2AI score0.02701EPSS
Exploits9References17
OpenVAS
OpenVAS
added 2023/06/07 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.02701EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2023/06/07 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.02701EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2023/06/02 12:0 a.m.69 views

Oracle Linux 7 : qemu (ELSA-2023-12368)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12368 advisory. - qga/win32: Use rundll for VSS installation Konstantin Kostiuk Orabug: 35206108 CVE-2023-0664 - qga/win32: Remove change action from MSI installer...

7.8CVSS7AI score0.00308EPSS
Exploits0References3
Amazon
Amazon
added 2023/05/31 12:0 a.m.34 views

Medium: qemu

Issue Overview: A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on t...

8.2CVSS7.4AI score0.00475EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/04/27 12:0 a.m.23 views

EulerOS Virtualization 2.9.1 : qemu-kvm (EulerOS-SA-2023-1651)

According to the versions of the qemu-kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Regist...

8.6CVSS6.4AI score0.00802EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/27 12:0 a.m.26 views

EulerOS Virtualization 2.9.0 : qemu-kvm (EulerOS-SA-2023-1685)

According to the versions of the qemu-kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Regist...

8.6CVSS6.4AI score0.00802EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/24 12:0 a.m.42 views

SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2023:0877-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0877-1 advisory. - CVE-2022-4144: Fixed unsafe address translation that can lead to out-of-bounds read in qxlphys2virt bsc1205808. Tenable has extracted the...

6.5CVSS6.7AI score0.00281EPSS
Exploits0References4
Rows per page
Query Builder