Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2014-3461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to US...

6.8CVSS7.3AI score0.02696EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2014:1278-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.02696EPSS
Exploits2References2
Veracode
Veracode
added 2019/05/02 4:58 a.m.33 views

Memory Corruption

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References22Affected Software2
Veracode
Veracode
added 2019/05/02 4:58 a.m.38 views

Arbitrary Code Execution

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References17Affected Software2
Veracode
Veracode
added 2019/05/02 4:58 a.m.37 views

Arbitrary Code Execution

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...

8.8CVSS8.5AI score0.05412EPSS
Exploits0References10Affected Software2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.45 views

Gentoo Security Advisory GLSA 201408-17

Gentoo Linux Local Security Checks GLSA 201408-17 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

8.6CVSS6.5AI score0.02696EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2014/11/11 12:0 a.m.28 views

Fedora Update for qemu FEDORA-2014-14033

Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868474";...

7.5CVSS7.7AI score0.05412EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.34 views

RHEL 6 : rhev-hypervisor6 3.4.0 (RHSA-2014:0674)

Updated rhev-hypervisor6 packages that fix multiple security issues, several bugs, and add various enhancements are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

8.8CVSS7.8AI score0.05412EPSS
Exploits3References37
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.46 views

RHEL 6 : qemu-kvm-rhev (RHSA-2014:0744)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0744 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...

8.8CVSS7.8AI score0.05412EPSS
Exploits0References22
OSV
OSV
added 2014/11/04 9:55 p.m.7 views

CVE-2014-3461

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

8.8AI score
Exploits0References4
CVE
CVE
added 2014/11/04 9:0 p.m.90 views

CVE-2014-3461

CVE-2014-3461 affects QEMU 1.6.2 (hw/usb/bus.c). The issue arises from crafted savevm data triggering a heap-based buffer overflow related to USB post load checks, enabling remote code execution with network access (CVSS v2 base 6.8). No specific exploit details, affected platforms, or patched ve...

6.8CVSS7.2AI score0.02696EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2014/10/09 12:0 a.m.28 views

Fedora Update for qemu FEDORA-2014-11641

Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868371";...

7.5CVSS7.7AI score0.05412EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.71 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

8.8CVSS7.3AI score0.05412EPSS
Exploits2References15
OSV
OSV
added 2014/09/19 2:41 p.m.14 views

SUSE-SU-2015:1152-1 Security update for kvm

kvm has been updated to fix issues in the embedded qemu: CVE-2014-0223: An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could have used this flaw to corrupt QEMU process memory on the host...

8.6CVSS7.8AI score0.15275EPSS
Exploits7References61
OpenVAS
OpenVAS
added 2014/09/09 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-2342-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.05412EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2014/09/08 5:35 p.m.83 views

USN-2342-1: QEMU vulnerabilities

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...

8.8CVSS7.3AI score0.05412EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.48 views

RedHat Update for qemu-kvm RHSA-2014:0927-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.05412EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.26 views

Fedora Update for qemu FEDORA-2014-8183

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.05412EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.40 views

Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0927 advisory. - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z -...

8.8CVSS7.1AI score0.05412EPSS
Exploits2References16
OpenVAS
OpenVAS
added 2014/06/17 12:0 a.m.34 views

Fedora Update for qemu FEDORA-2014-6970

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.05412EPSS
Exploits4References2
Rows per page
Query Builder