Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28197

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00654EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2023-44153

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00218EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/14 12:44 p.m.20 views

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

8.8CVSS7.6AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/05 3:32 a.m.22 views

CVE-2024-41928 bhyve(8) privileged guest escape via TPM device passthrough

Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve...

0.00244EPSS
Exploits0References1
Prion
Prion
added 2024/02/15 6:15 a.m.13 views

Out-of-bounds

The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...

7.7AI score0.00654EPSS
Exploits0References1
NVD
NVD
added 2024/02/15 5:15 a.m.27 views

CVE-2022-23087

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

8.8CVSS7.1AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2024/02/15 5:15 a.m.8 views

CVE-2022-23087

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

8.8CVSS6.3AI score0.00209EPSS
Exploits0References2
Prion
Prion
added 2024/02/15 5:15 a.m.16 views

Stack overflow

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

8.1AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/15 5:13 a.m.8 views

CVE-2022-23092 Missing bounds check in 9p message handling

The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...

7.1AI score0.00654EPSS
Exploits0References2
Prion
Prion
added 2023/08/01 11:15 p.m.19 views

Buffer overflow

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

4.3CVSS9AI score0.00218EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/25 12:0 a.m.21 views

FreeBSD : FreeBSD -- Insufficient validation of guest-supplied data (e1000 device) (499b22a3-f680-11e9-a87f-a4badb2f4699)

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload 'TSO'. The e1000 device model uses an on-stack buffer to generat...

7.5CVSS7.6AI score0.01293EPSS
Exploits0References2
Rows per page
Query Builder