CVE-2026-33148 URL Parameter Injection in FDC Food Search API Causes Server Crash and Exposes Internal API Key

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the FDC USDA FoodData Central search endpoint constructs an upstream API URL by directly interpolating the user-supplied query parameter into the URL string without...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004717 advisory. An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is...

EUVD-2020-30204

Malware in sbrugna...

Low: Red Hat Security Advisory: virt:av and virt-devel:av security and bug fix update

An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.5. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

UBUNTU-CVE-2020-25741

fdctrlwritedata in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive...

Linux kernel out-of-bounds read vulnerability (CNVD-2020-14290)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in setfdc in drivers/block/floppy.c in Linux kernel 5.5.6 and earlier. An attacker can exploit this vulnerability to cause...

CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2...

PT-2020-1812 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.16 through 5.5.6 Description: An issue in the Linux kernel leads to an out-of-bounds read because the FDC index is not checked for errors before assigning it. This issue is related to the set fdc function in...

Security Bulletin: IBM MQ and IBM MQ Appliance are vulnerable to a denial of service attack caused by an error within the Data Conversion routine (CVE-2019-4655)

Summary An error was found within the IBM MQ message data conversion processing code that could cause multiple failure data capture FDC records to be generated and prevent the channel handling process amqrmppa from handling requests. Vulnerability Details CVEID: CVE-2019-4655 DESCRIPTION: IBM MQ ...

com.ge.research.semtk:arangoDbService (=2.2.2), com.ge.research.semtk:athenaService (=2.2.2) +129 more potentially affected by CVE-2018-1314 via org.apache.hive:hive-jdbc (>=0.11.0 <=2.3.2)

org.apache.hive:hive-jdbc MAVEN version =0.11.0, =2.2.1, =2.2.1, =2.2.1, =2.2.2 - com.ge.research.semtk:sparqlGraphResultsService =2.2.2 and more Source cves: CVE-2018-1314 Source advisory: OSV:GHSA-JMF4-PQ78-F8VJ...

Security Bulletin: Venom vulnerability affects IBM PureApplication System (CVE-2015-3456)

Summary IBM PureApplication System is vulnerable to Venom: "Virtualized Environment Neglected Operation Manipulation". Vulnerability Details CVEID: CVE-2015-3456 DESCRIPTION: QEMU is vulnerable to a buffer overflow, caused by improper bounds checking by the Floppy Disk Controller FDC emulation. B...

fdcinternational.com XSS vulnerability

Vulnerable URL: http://www.fdcinternational.com/productsearch.asp Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1488092 VIP website status:| No Check fdcinternational.com SSL connection:| Grade: F Coordinated...

QEMU - Floppy Disk Controller (FDC) PoC

Exploit for multiple platform in category dos / poc // Source: https://marc.info/?l=oss-security&m=143155206320935&w=2 include define FIFO 0x3f5 int main int i; iopl3; outb0x0a,0x3f5; / READ ID / for i=0;i10000000;i++ outb0x42,0x3f5; / push / 0day.today 2018-03-13...

Oracle VM VirtualBox < 3.2.28 / 4.0.30 / 4.1.38 / 4.2.30 / 4.3.28 QEMU FDC Overflow RCE (VENOM)

The remote host contains a version of Oracle VM VirtualBox that is prior to 3.2.28 / 4.0.30 / 4.1.38 / 4.2.30 / 4.3.28. It is, therefore affected by a flaw in the Floppy Disk Controller FDC in the bundled QEMU software due to an overflow condition in 'hw/block/fdc.c' when handling certain command...

QEMU - Floppy Disk Controller (FDC) (PoC)

// Source: https://marc.info/?l=oss-security&m=143155206320935&w=2 include define FIFO 0x3f5 int main int i; iopl3; outb0x0a,0x3f5; / READ ID / for i=0;i10000000;i++ outb0x42,0x3f5; / push /...

qemu: arbitrary code execution

The guest operating system communicates with the FDC by sending commands such as seek, read, write, format, etc. to the FDCs input/output port. QEMUs virtual FDC uses a fixed-size buffer for storing these commands and their associated data parameters. The FDC keeps track of how much data to expec...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20150513) (Venom)

An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileg...

kmod, kvm security update

CentOS Errata and Security Advisory CESA-2015:1003 Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

CVE-2015-3456

The CVE-2015-3456 VENOM issue affects QEMU’s Floppy Disk Controller emulation (FDC), also used by VirtualBox and other virtualization stacks in Xen 4.5.x and earlier and KVM. The vulnerability is a buffer/out-of-bounds condition in the FDC where certain commands (notably FD_CMD_READ_ID and FD_CMD...

Important: Red Hat Security Advisory: qemu-kvm security update

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...