Lucene search
+L

372 matches found

Tenable Nessus
Tenable Nessus
added 2014/04/23 12:0 a.m.41 views

Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20140422)

Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially...

8.6CVSS7.7AI score0.01002EPSS
Exploits3References9
UbuntuCve
UbuntuCve
added 2014/03/26 12:0 a.m.37 views

CVE-2014-0147

Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling updaterefcount routine...

6.2CVSS6.8AI score0.00329EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/03/21 12:0 a.m.22 views

SuSE 11.3 Security Update : clamav (SAT Patch Number 9036)

The antivirus scanner ClamAV has been updated to version 0.98.1, which includes the following fixes : - Code quality fixes in libclamav, clamd, sigtool, clamav-milter, clamconf, and clamdtop. - Code quality fixes in libclamav, libclamunrar and freshclam. - bb 8385: a PDF ASCII85Decode zero-length...

5.4AI score
Exploits0References2
OSV
OSV
added 2014/02/06 5:44 a.m.3 views

DEBIAN-CVE-2013-4463

OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...

2.1CVSS6AI score0.00368EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/01/30 7:58 p.m.45 views

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

Updated openstack-nova packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

4.3CVSS5.7AI score0.01884EPSS
Exploits0References7
OSV
OSV
added 2013/05/13 11:55 p.m.7 views

CVE-2013-1922

qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different...

6.1AI score
Exploits0References8
Prion
Prion
added 2013/05/13 11:55 p.m.22 views

Format string

qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different...

3.3CVSS6.3AI score0.00508EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2013/05/13 11:0 p.m.62 views

CVE-2013-1922

qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different...

3.3CVSS6.2AI score0.00344EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.46 views

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Note: Troy Dawson has tested this update on a machine hosting both paravirtualized and fully virtualized machines, both 32 bit and 64 bit. He did the update while all the machines were running, none of them had any problems. He also tried stopping, starting, and rebooting several of the machines...

7.2CVSS8.2AI score0.00607EPSS
Exploits2References7
Cvelist
Cvelist
added 2012/07/22 4:0 p.m.36 views

CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...

6.1AI score0.02997EPSS
Exploits1References9
ThreatPost
ThreatPost
added 2012/04/27 2:55 a.m.11 views

FBI Targets An Austrian Remailer in Pitt Bomb Threat Case

FBI investigators have broadened their probe into emailed bomb threats at the University of Pittsburgh to an anonymous remailer in Austria. Earlier this week, at the request of U.S. authorities, police visited Christian Mock, an Austrian provider who offers anonymous remailing services. Authoriti...

0.6AI score
Exploits0References1
NVD
NVD
added 2012/03/08 10:55 p.m.18 views

CVE-2012-0642

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service device crash via a crafted catalog file in an HFS disk image...

9.3CVSS7.3AI score0.04467EPSS
Exploits0References5
Prion
Prion
added 2012/03/08 10:55 p.m.15 views

Integer overflow

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service device crash via a crafted catalog file in an HFS disk image...

9.3CVSS7.8AI score0.04467EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2012/03/08 10:0 p.m.50 views

CVE-2012-0642

The CVE-2012-0642 entry concerns an integer underflow in Apple iOS prior to 5.1 related to handling of HFS catalog files inside an image. The vulnerability could allow a remote attacker to execute arbitrary code or cause a device crash via a crafted catalog file in an HFS disk image. Affected pro...

9.3CVSS8.4AI score0.04467EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/03/08 10:0 p.m.19 views

CVE-2012-0642

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service device crash via a crafted catalog file in an HFS disk image...

8.5AI score0.04467EPSS
Exploits0References5
NVD
NVD
added 2011/10/14 10:55 a.m.23 views

CVE-2011-3217

MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted disk image...

6.8CVSS7.7AI score0.02864EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/10/14 10:0 a.m.28 views

CVE-2011-3217

MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted disk image...

8.8AI score0.02864EPSS
Exploits0References3
CVE
CVE
added 2011/10/14 10:0 a.m.62 views

CVE-2011-3217

CVE-2011-3217 affects MediaKit in Apple Mac OS X through 10.6.8. A crafted disk image can trigger remote arbitrary code execution or memory corruption leading to application crash. Apple’s bundled bulletin for Security Update 2011-006 (and OS X 10.7.2) remediates MediaKit among other components. ...

6.8CVSS8.7AI score0.02864EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2010/11/04 6:0 p.m.10 views

CVE-2010-3851

libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted 1 qcow2, 2 VMDK, or 3 VDI header, related to lack of support for a dis...

4.7CVSS6AI score0.00382EPSS
Exploits0References13
Prion
Prion
added 2010/11/04 6:0 p.m.10 views

Format string

libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted 1 qcow2, 2 VMDK, or 3 VDI header, related to lack of support for a dis...

4.7CVSS6.6AI score0.00382EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder