24 matches found
EUVD-2017-16494
Malware in sbrugna...
CVE-2002-1924
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory...
CVE-2023-31477
A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path...
Debian: Security Advisory (DLA-965-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
Ubuntu: Security Advisory (USN-4725-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4725-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-11947 Alexander Bulekov discovered tha...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4725-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4725-1 advisory. It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this...
EulerOS Virtualization 3.0.2.6 : qemu (EulerOS-SA-2021-1057)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to an improper...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1057)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7471
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...
CVE-2017-7493
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges...
CVE-2017-7471
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...
CVE-2017-7471
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...
Improper access control
Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...
[SECURITY] [DLA 965-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u22 CVE ID : CVE-2016-9602 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-8086 Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3289-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3289-1 advisory. Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to...
USN-3268-1: QEMU vulnerabilities
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...
Debian DLA-619-1 : qemu-kvm security update
qemu-kvm built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to a directory/path traversal issue. It could occur while creating or accessing files on a shared host directory. A privileged user inside guest could use this flaw to access undue files on t...
[SECURITY] [DLA 618-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u15 CVE ID : CVE-2016-7116 Debian Bug : 836502 Quick EmulatorQemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to a directory/path traversal issue. It could occur while creating or accessing files on a...