SUSE CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

SUSE CVE-2021-3713

An out-of-bounds write flaw was found in the UAS USB Attached SCSI device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice-data3 and UASDevice-status3 fields. A malicious guest use...

SUSE CVE-2021-3748

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to numbuffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting i...

SUSE CVE-2021-3929

A DMA reentrancy issue was found in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvmectrlreset, data structs will be freed leading to a use-after-free issue. A malicious guest could...

SUSE CVE-2021-21261

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. This sandbox-escape bug is present in versio...

Tenable.sc 输入验证错误漏洞

Tenable Network Security Tenable.Sc is a vulnerability analysis solution from Tenable Network Security, USA. Sc is a vulnerability analysis solution from Tenable Network Security, Inc. that supports real-time vulnerability assessment and management, among other things. A security vulnerability...

ai.apiverse:apipulse (=1.0.1), com.contentgrid.spring:contentgrid-spring-boot-starter (>=0.4.2 <=0.6.1) +53 more potentially affected by CVE-2022-31679 via org.springframework.data:spring-data-rest-core (>=3.7.0 <=3.7.2)

org.springframework.data:spring-data-rest-core MAVEN version =3.7.0, =0.4.2, =0.4.2, =0.4.2, =5.12.1, =2.4.0, =2.4.0, =2.4.0, =3.0.3, =3.0.3, =3.0.3, =3.0.3, =3.0.3, =3.0.3, =3.1.0 - com.okta.spring.examples:okta-spring-boot-hosted-code-flow-example =2.1.6 and more Source cves: CVE-2022-31679...

QEMU 资源管理错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from a security vulnerability that originates from the fact that an attacker on a client system can force the reuse of a freed...

OESA-2022-1733 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A DMA reentrancy issue was found in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset...

QEMU: virtio-net: map leaking on error during receive

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage, use-after-free or other unexpected results. A malicious privileged guest could exploit...

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.

...

AZL-9701 CVE-2021-3750 affecting package qemu for versions less than 6.2.0-16

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

UBUNTU-CVE-2021-4207

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...

CVE-2022-20718

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

CVE-2022-20727

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

CVE-2022-20724

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

CVE-2022-20722

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

CVE-2022-20677

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

DEBIAN-CVE-2021-3748

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to numbuffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting i...

VMware ESXi 竞争条件问题漏洞

Vmware VMware ESXi is a server virtualization platform from Vmware that can be installed directly on physical servers. A Competing Conditions Issue vulnerability exists in VMware ESXi, which stems from a double fetch vulnerability in the product's UHCI USB controller. A remote user with...