
50 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Vino

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data. This allows remote attackers to cause a denial of service (memory consumption or daemon crash) by processing a...

CVSS 5 | AI score 7.3 | EPSS 0.07563
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2010-5263

Malware in sbrugna...

CVSS 7.5 | AI score 7.3 | EPSS 0.03115
Exploits: 0 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-58904

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.01261
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-42588

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.8 | EPSS 0.0114
Exploits: 0 | References: 10

Tenable Nessus
added 2025/04/23 12:0 a.m. | 13 views

Azure Linux 3.0 Security Update: qemu (CVE-2023-6683)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6683 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The...

CVSS 6.5 | AI score 6.5 | EPSS 0.01261
Exploits: 0 | References: 2

OSV
added 2024/12/04 4:58 p.m. | 20 views

MGASA-2024-0387 Updated qemu packages fix security vulnerabilities

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

CVSS 8.8 | AI score 7 | EPSS 0.01405
Exploits: 3 | References: 7

Redos
added 2024/06/26 12:0 a.m. | 24 views

ROS-20240625-04

A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the register_vfs function hw/pci/pcie_sriov.c of the QEMU hardware emulator is related to a buffer overflo...

CVSS 6.5 | AI score 6.8 | EPSS 0.01261
Exploits: 0

Tenable Nessus
added 2024/04/29 12:0 a.m. | 40 views

SUSE SLED15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2024:1438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1438-1 advisory. - CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport (bsc#1222845) - CVE-2023-6683:...

CVSS 8.2 | AI score 7 | EPSS 0.01261
Exploits: 1 | References: 13

BDU FSTEC
added 2024/04/01 12:0 a.m. | 5 views

The vulnerability of the ClientCutText component of the hardware emulation software QEMU allows a hacker to trigger a service failure.

The vulnerability of the ClientCutText component of the QEMU hardware emulator is related to overflow during message processing. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 6.8 | AI score 6.8 | EPSS 0.0114
Exploits: 0 | References: 5 | Affected Software: 4

AlpineLinux
added 2024/01/12 7:15 p.m. | 25 views

CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 4 | AI score 6.8 | EPSS 0.01261
Exploits: 0

NVD
added 2024/01/12 7:15 p.m. | 21 views

CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 6.5 | AI score 6.2 | EPSS 0.01261
Exploits: 0 | References: 5

UbuntuCve
added 2024/01/12 7:15 p.m. | 28 views

CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request function can be reached before vnc_server_cut_text_caps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

CVSS 6.5 | AI score 6.7 | EPSS 0.01261
Exploits: 0 | References: 4

NVD
added 2023/09/13 5:15 p.m. | 23 views

CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 6.5 | AI score 6.3 | EPSS 0.01405
Exploits: 0 | References: 5

OSV
added 2023/09/13 5:15 p.m. | 27 views

CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 6.5 | AI score 6.8 | EPSS 0.01405
Exploits: 0 | References: 5

OSV
added 2023/09/13 5:15 p.m. | 1 views

DEBIAN-CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 6.5 | AI score 6.7 | EPSS 0.01405
Exploits: 0 | References: 1

Prion
added 2023/09/13 5:15 p.m. | 26 views

Design/Logic Flaw

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a...

CVSS 4 | AI score 6.1 | EPSS 0.01405
Exploits: 0 | References: 3 | Affected Software: 3

Tenable Nessus
added 2023/03/18 12:0 a.m. | 245 views

Oracle Linux 8 : virt:kvm_utils2 (ELSA-2023-12195)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12195 advisory. - hw/pvrdma: Protect against buggy or malicious guest driver Yuval Shaia Orabug: 35064352 CVE-2022-1050 - hw/display/qxl: Avoid buffer overrun in...

CVSS 8.8 | AI score 7 | EPSS 0.0114
Exploits: 1 | References: 5

SUSE CVE
added 2023/02/15 5:55 a.m. | 2 views

SUSE CVE-2010-5304

A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client...

CVSS 7.5 | AI score 6.8 | EPSS 0.03115
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:27 a.m. | 2 views

SUSE CVE-2014-6053

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted...

CVSS 5 | AI score 6.8 | EPSS 0.07563
Exploits: 0 | References: 6

SUSE CVE
added 2023/02/15 3:31 a.m. | 3 views

SUSE CVE-2022-3165

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

CVSS 6.5 | AI score 7.1 | EPSS 0.0114
Exploits: 0 | References: 4