Lucene search
+L

66 matches found

Prion
Prion
added 2016/04/07 7:59 p.m.33 views

Out-of-bounds

The 1 fwcfgwrite and 2 fwcfgread functions in hw/nvram/fwcfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAPSYSRAWIO privilege to cause a denial of service out-of-bounds read or write access and process crash or possibly...

6.9CVSS8.2AI score0.06085EPSS
Exploits0References19Affected Software3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.32 views

FreeBSD : xen-kernel -- Information leak via internal x86 system device emulation (5023f559-27e2-11e5-a4a5-002590263bf5)

The Xen Project reports : Emulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that...

2.1CVSS7.1AI score0.00414EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/03/25 12:0 a.m.39 views

Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)

HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version information hypercall Note that Tenable...

7.2CVSS7.2AI score0.0057EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/03/23 12:0 a.m.30 views

Fedora 22 : xen-4.5.0-6.fc22 (2015-3935)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 Information leak via internal x86 system device emulation, Information leak through version...

7.2CVSS7.2AI score0.0057EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/03/10 12:0 a.m.39 views

Debian Security Advisory DSA 3181-1 (xen - security update)

Multiple security issues have been found in the Xen virtualisation solution: CVE-2015-2044 Information leak via x86 system device emulation. CVE-2015-2045 Information leak in the HYPERVISORxenversion hypercall. CVE-2015-2151 Missing input sanitising in the x86 emulator could result in information...

7.2CVSS0.2AI score0.0057EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2012/09/06 12:0 a.m.30 views

CVE-2012-3515

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."...

7.2CVSS7.1AI score0.00528EPSS
Exploits0References4
Rows per page
Query Builder