5 matches found
vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)
Summary A sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise constructor that triggers an unhandled rejection propagating to the host. The fix for CVE-2026-22709 v3.10.2 only sanitized the onRejected callback in .then and...
UBUNTU-CVE-2024-6505
A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirectionstable data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This...
QEMU 数字错误漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A code issue vulnerability exists in QEMU, which stems from a found a division by zero issue in the dwc2handlepacket handler package in the...
QEMU msix_table_mmio_write() buffer overflow vulnerability
QEMU is a suite of analog processor software. A buffer overflow vulnerability exists in QEMU msixtablemmiowrite. An attacker could exploit the vulnerability to crash the QEMU process on the host, resulting in a denial of service...
Denial of service
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users...