CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

Microsoft CVE•added 2024/08/05 7:0 a.m.•1 views

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message resulting in a denial of service.

...

6.5CVSS7AI score0.00151EPSS

Exploits0

RedHat Linux•added 2024/05/22 10:16 a.m.•0 views

QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS7.1AI score0.00067EPSS

Exploits0References4

RedHat Linux•added 2024/05/22 10:16 a.m.•2 views

QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS7.3AI score0.00117EPSS

Exploits0References4

RedHat Linux•added 2024/04/30 10:36 a.m.•0 views

QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service

6.5CVSS7.3AI score0.00117EPSS

Exploits0References4

OSV•added 2024/01/12 7:15 p.m.•1 views

UBUNTU-CVE-2023-6683

6.5CVSS6.7AI score0.00067EPSS

Exploits0References5

OSV•added 2023/11/03 11:6 a.m.•1 views

OESA-2023-1786 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib...

6.5CVSS6.6AI score0.00117EPSS

Exploits0References2

OSV•added 2023/09/13 5:15 p.m.•1 views

AZL-28791 CVE-2023-3255 affecting package qemu for versions less than 6.2.0-23

6.5CVSS6.8AI score0.00117EPSS

Exploits0References1

OSV•added 2023/09/13 5:15 p.m.•0 views

UBUNTU-CVE-2023-3255

6.5CVSS6.9AI score0.00117EPSS

Exploits0References4

Vulnrichment•added 2023/09/13 4:12 p.m.•1 views

CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service

6.5CVSS6.1AI score0.00117EPSS

Exploits0References4

SUSE CVE•added 2023/07/07 2:19 a.m.•1 views

SUSE CVE-2023-3255

4.9CVSS6.6AI score0.00117EPSS

Exploits0References6

Positive Technologies•added 2023/07/04 12:0 a.m.•3 views

PT-2023-9176 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker-controlled zlib buffer ...

8.8CVSS5.9AI score0.00429EPSS

Exploits7References185

RedHat Linux•added 2023/05/16 9:7 a.m.•4 views

QEMU: VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion

An integer underflow issue was found in the QEMU built-in VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

6.5CVSS5.7AI score0.00151EPSS

Exploits0References4

RedHat Linux•added 2023/05/09 10:9 a.m.•4 views

QEMU: VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion

6.5CVSS5.7AI score0.00151EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:16 a.m.•1 views

SUSE CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service process crash via a CLIENTCUTTEXT message, which triggers an infinite loop...

6.5CVSS6.9AI score0.08407EPSS

Exploits1References16

OSV•added 2022/12/12 6:51 a.m.•1 views

USN-5772-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2021-3682 It...

8.5CVSS7AI score0.00477EPSS

Exploits3References7

OSV•added 2022/10/28 11:4 a.m.•1 views

OESA-2022-2024 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...

6.5CVSS6.6AI score0.00151EPSS

Exploits0References2

OSV•added 2022/10/17 4:15 p.m.•0 views

DEBIAN-CVE-2022-3165

6.5CVSS6.7AI score0.00151EPSS

Exploits0References1

OSV•added 2022/10/17 4:15 p.m.•0 views

UBUNTU-CVE-2022-3165

6.5CVSS6.8AI score0.00151EPSS

Exploits0References5

OSV•added 2020/01/23 8:15 p.m.•1 views

DEBIAN-CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service process crash via a CLIENTCUTTEXT message, which triggers an infinite loop...

6.5CVSS7AI score0.08407EPSS

Exploits1References1