Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2014-7840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1...

7.5CVSS6.8AI score0.04115EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.6 views

SUSE CVE-2014-7840

The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...

7.5CVSS7.9AI score0.04115EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2014-0525)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.04115EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2015:0357-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.04115EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.35 views

Oracle: Security Advisory (ELSA-2015-0349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.28 views

Fedora Update for qemu FEDORA-2015-8249

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.9AI score0.15275EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:0349-1)

QEMU was updated to fix various bugs and security issues. Following security issues were fixed: CVE-2014-8106: Heap-based buffer overflow in the Cirrus VGA emulator hw/display/cirrusvga.c in QEMU allowed local guest users to execute arbitrary code via vectors related to blit regions. -...

7.5CVSS7.8AI score0.04115EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2015/04/14 12:0 a.m.32 views

Fedora Update for qemu FEDORA-2015-5482

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.5AI score0.07393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.50 views

Oracle Linux 7 : qemu-kvm (ELSA-2015-0349)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0349 advisory. - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 - Resolves: bz1163078 CVE-2014-7840 qemu-kvm: qemu...

8.8CVSS7.3AI score0.05412EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.39 views

RedHat Update for qemu-kvm RHSA-2015:0349-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/06 12:0 a.m.61 views

RHEL 7 : qemu-kvm-rhev (RHSA-2015:0624)

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.2AI score0.04115EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.35 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.4AI score0.04115EPSS
Exploits0References96
RedHat Linux
RedHat Linux
added 2015/03/05 7:27 a.m.51 views

Important: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update

Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

7.5CVSS7.3AI score0.04115EPSS
Exploits0References79
Tenable Nessus
Tenable Nessus
added 2014/12/26 12:0 a.m.32 views

GLSA-201412-37 : QEMU: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201412-37 QEMU: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary...

7.5CVSS7.3AI score0.04115EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.61 views

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2439-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2439-1 advisory. Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipula...

7.5CVSS8.1AI score0.04115EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.31 views

Fedora 21 : qemu-2.1.2-7.fc21 (2014-16075)

Fix qemu-img convert corruption for unflushed files bz 1167249 - Fix SLES11 migration issue bz 1109427 - CVE-2014-7840: insufficient parameter validation during ram load bz 1163080 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

7.5CVSS6.3AI score0.04115EPSS
Exploits0References3
OSV
OSV
added 2014/12/13 8:16 p.m.8 views

MGASA-2014-0525 Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: During migration, the values read from migration stream during ram load are not validated. Especially offset in hostfromstreamoffset and also the length of the writes in the callers of the said function. A user able to alter the savevm data eith...

7.5CVSS6.4AI score0.04115EPSS
Exploits0References5
CVE
CVE
added 2014/12/12 3:0 p.m.123 views

CVE-2014-7840

The CVE-2014-7840 entry concerns QEMU: during RAM loading in migration, the host_from_stream_offset function in arch_init.c accepts crafted savevm data offset/length values, enabling a remote attacker to execute arbitrary code. The vulnerability affects the RAM-load path of migration, with the de...

7.5CVSS7.1AI score0.04115EPSS
Exploits0References6Affected Software1
Ubuntu
Ubuntu
added 2014/12/11 7:10 p.m.68 views

USN-2439-1: QEMU vulnerabilities

Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipulate savevm data could use this issue to possibly execute arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS,...

7.5CVSS7.5AI score0.04115EPSS
Exploits0
Rows per page
Query Builder