Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2013-4541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related t...

7.5CVSS7.2AI score0.03975EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2014-0426)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.05412EPSS
Exploits6References12
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2014:0623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.2AI score0.03975EPSS
Exploits3References2
Veracode
Veracode
added 2019/05/02 4:58 a.m.33 views

Memory Corruption

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References22Affected Software2
Veracode
Veracode
added 2019/05/02 4:58 a.m.38 views

Arbitrary Code Execution

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References17Affected Software2
Veracode
Veracode
added 2019/05/02 4:58 a.m.37 views

Arbitrary Code Execution

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References10Affected Software2
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.34 views

SUSE: Security Advisory for kvm (SUSE-SU-2014:0623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.6AI score0.03975EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.46 views

RHEL 6 : qemu-kvm-rhev (RHSA-2014:0744)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0744 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...

8.8CVSS7.8AI score0.05412EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.34 views

RHEL 6 : rhev-hypervisor6 3.4.0 (RHSA-2014:0674)

Updated rhev-hypervisor6 packages that fix multiple security issues, several bugs, and add various enhancements are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

8.8CVSS7.8AI score0.05412EPSS
Exploits3References37
CVE
CVE
added 2014/11/04 9:0 p.m.96 views

CVE-2013-4541

CVE-2013-4541 affects QEMU: usb_device_post_load in hw/usb/bus.c (pre-1.7.2) may allow remote code execution via a crafted savevm image, due to a negative setup_len or setup_index. Affected: QEMU before 1.7.2. Impact: arbitrary code execution. Remediation: upgrade to 1.7.2 or newer. The documents...

7.5CVSS8.5AI score0.03975EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.71 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

8.8CVSS7.3AI score0.05412EPSS
Exploits2References15
OpenVAS
OpenVAS
added 2014/09/09 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-2342-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.05412EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2014/09/08 5:35 p.m.83 views

USN-2342-1: QEMU vulnerabilities

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...

8.8CVSS7.3AI score0.05412EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.48 views

RedHat Update for qemu-kvm RHSA-2014:0927-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.05412EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.40 views

Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0927 advisory. - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z -...

8.8CVSS7.1AI score0.05412EPSS
Exploits2References16
Oracle linux
Oracle linux
added 2014/07/23 12:0 a.m.65 views

qemu-kvm security and bug fix update

1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...

7.5CVSS0.4AI score0.05412EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2014/06/10 8:14 p.m.43 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Virtualization. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

8.8CVSS7.4AI score0.05412EPSS
Exploits0References10
securityvulns
securityvulns
added 2014/05/15 12:0 a.m.57 views

[oss-security] Re: CVE request: Qemu: usb: fix up post load checks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://article.gmane.org/gmane.comp.emulators.qemu/272322 Here, it appears that the only security fix to http://git.qemu.org/?p=qemu.git;a=blob;f=hw/usb/bus.c;h=e48b19fc29bd9f831cc05990be73ddf49936d6a9;hb=HEAD is the insertion of the "dev-setupindex...

7.5CVSS0.1AI score0.03975EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/09 12:0 a.m.35 views

SuSE 11.3 Security Update : kvm (SAT Patch Number 9142)

The QEMU embedded within KVM received various security fixes. Various issues in the block layer have been fixed : - A virtio security issue in config io space handling. CVE-2013-2016 - A SCSI report LUNs buffer overflow. CVE-2013-4344 - A buffer overflow in the QEMU USB stack. CVE-2013-4541...

8.6CVSS7.6AI score0.03975EPSS
Exploits3References23
UbuntuCve
UbuntuCve
added 2014/02/20 12:0 a.m.26 views

CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.2AI score0.03975EPSS
Exploits0References4
Rows per page
Query Builder