33 matches found
CVE-2025-22038 ksmbd: validate zero num_subauth before sub_auth is accessed
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero numsubauth before subauth is accessed Access psid-subauthpsid-numsubauth - 1 without checking if numsubauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure numsubauth !...
RHEL 7 : less (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - less: out of bounds read access in isutf8wellformed CVE-2014-9488 Note that Nessus has not tested for this issue bu...
RHEL 5 : less (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - less: out of bounds read access in isutf8wellformed CVE-2014-9488 Note that Nessus has not tested for this issue bu...
PT-2023-17801 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to Android-13 Description: The issue is related to a possible out of bounds read in the p2p iface.cpp file due to a missing bounds check. This could lead to local information disclosure, with System execution privileges...
SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:2941-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2941-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6input functio...
SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:1730-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1730-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinp...
SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:1465-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1465-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinp...
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2022-1014)
According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ahcicommitbuf function in ide/ahci.c in QEMU allows attackers to cause a denial of service NULL dereference when the command header 'ad-curcmd'...
Ubuntu 21.10 : libslirp vulnerabilities (USN-5009-2)
The remote Ubuntu 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5009-2 advisory. USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Tenable has extracted the preceding descriptio...
SUSE: Security Advisory (SUSE-SU-2021:3854-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : qemu (ALAS-2021-1671)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1671 advisory. A heap buffer overflow flaw was found in the iSCSI support of QEMU. This flaw could lead to an out-of- bounds read access and...
Information Disclosure
libslirp is vulnerable to information disclosure. An invalid pointer initialization in tftpinput function while processing a UDP packet that is smaller than the size of the tftpt structure leads to an out-of-bounds read access...
QEMU Invalid Pointer Initialization Vulnerability (CNVD-2021-45768)
QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the function udp6input using memory outside of the working mbuf buffer when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker could...
CVE-2021-3593
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6input function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...
CVE-2020-36325
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in jsonloads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification...
Design/Logic Flaw
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in jsonloads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification...
CVE-2020-36325
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in jsonloads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification...
Oracle Linux 7 : qemu (ELSA-2021-9104)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9104 advisory. - 9pfs: Fully restart unreclaim loop CVE-2021-20181 Greg Kurz Orabug: 32441198 CVE-2021-20181 - ide: atapi: check logical block address and read size...
CVE-2020-29443
ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...
CVE-2020-29443
ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...