Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2014-7815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setpixelformat function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service crash via a small bytesperpixel value. CVE-2014-7815 Note...

5CVSS6.6AI score0.03742EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2016:1445-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.03742EPSS
Exploits1References2
Talos Blog
Talos Blog
added 2017/12/07 10:6 a.m.276 views

The Mutiny Fuzzing Framework and Decept Proxy

This blog post is authored by James Spadaro of Cisco ASIG and Lilith Wyatt of Cisco Talos. Imagine a scenario where you, as a vulnerability researcher, are tasked with auditing a network application to identify vulnerabilities. By itself, the task may not seem too daunting until you learn of a...

5CVSS8.1AI score0.03742EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/06/17 12:0 a.m.46 views

SUSE SLES10 Security Update : Xen (SUSE-SU-2016:1445-1)

Xen was updated to fix the following security issues : CVE-2016-2841: net: ne2000: infinite loop in ne2000receive bsc969351 CVE-2016-2391: usb: multiple eoftimers in ohci module leads to NULL pointer dereference bsc967101 CVE-2016-2270: x86: inconsistent cachability flags on guest mappings XSA-15...

7.5CVSS6.5AI score0.03742EPSS
Exploits1References26
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.37 views

SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)

xen was updated to fix 47 security issues. These security issues were fixed : - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers bnc864673. - CVE-2013-4529: Buffer overflow in hw/pci/pcieaer...

9CVSS7.8AI score0.0773EPSS
Exploits4References144
Tenable Nessus
Tenable Nessus
added 2015/10/21 12:0 a.m.37 views

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:1782-1)

qemu was updated to fix several security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-5154: Heap-based buffer overflow in the IDE subsystem in QEMU, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecifi...

7.5CVSS7.6AI score0.03742EPSS
Exploits0References26
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.35 views

Oracle: Security Advisory (ELSA-2015-0349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.37 views

Gentoo Security Advisory GLSA 201412-01

Gentoo Linux Local Security Checks GLSA 201412-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.8CVSS6.5AI score0.03742EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.51 views

Oracle Linux 7 : qemu-kvm (ELSA-2015-0349)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0349 advisory. - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 - Resolves: bz1163078 CVE-2014-7840 qemu-kvm: qemu...

8.8CVSS7.3AI score0.05412EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.39 views

RedHat Update for qemu-kvm RHSA-2015:0349-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/06 12:0 a.m.61 views

RHEL 7 : qemu-kvm-rhev (RHSA-2015:0624)

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.2AI score0.04115EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.35 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.4AI score0.04115EPSS
Exploits0References96
RedHat Linux
RedHat Linux
added 2015/03/05 7:27 a.m.51 views

Important: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update

Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

7.5CVSS7.3AI score0.04115EPSS
Exploits0References79
Tenable Nessus
Tenable Nessus
added 2014/12/09 12:0 a.m.41 views

GLSA-201412-01 : QEMU: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201412-01 QEMU: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could cause a Denial of Service...

6.8CVSS6.7AI score0.03742EPSS
Exploits0References7
Check Point Advisories
Check Point Advisories
added 2014/12/02 12:0 a.m.2 views

QEMU vnc set_pixel_format bits_per_pixel Null Pointer Dereference (CVE-2014-7815)

A null pointer dereference vulnerability has been found in QEMU vnc. The vulnerability is due to insufficient checking of an initialized buffer. A remote attacker could exploit this vulnerability by setting bitsperpixel to a value that is less than 8. Successful exploitation could lead to a denia...

5CVSS3.3AI score0.03742EPSS
Exploits0
CVE
CVE
added 2014/11/14 3:0 p.m.117 views

CVE-2014-7815

CVE-2014-7815 affects the QEMU component: the function set_pixel_format in ui/vnc.c can be triggered remotely to crash the QEMU process (DoS) by sending a small value for bytes_per_pixel. The vulnerability is explicitly documented in multiple advisories and patches were issued in openSUSE/SUSE se...

5CVSS5.8AI score0.03742EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/11/14 12:0 a.m.50 views

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2409-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2409-1 advisory. Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host...

7.2CVSS7.3AI score0.03742EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2014/11/11 12:0 a.m.28 views

Fedora Update for qemu FEDORA-2014-14033

Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868474";...

7.5CVSS7.7AI score0.05412EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.36 views

Fedora 20 : qemu-1.6.2-10.fc20 (2014-14033)

CVE-2014-7815 vnc: insufficient bitsperpixel from the client sanitization bz 1157647, bz 1157641 - CVE-2014-3689 vmwarevga: insufficient parameter validation in rectangle functions bz 1153038, bz 1153035 Note that Tenable Network Security has extracted the preceding description block directly...

7.2CVSS6.7AI score0.03742EPSS
Exploits0References5
securityvulns
securityvulns
added 2014/11/10 12:0 a.m.58 views

[SECURITY] [DSA 3066-1] qemu security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...

7.2CVSS0.8AI score0.03742EPSS
Exploits0
Rows per page
Query Builder