Lucene search
K

88 matches found

CNVD
CNVD
added 2016/06/07 12:0 a.m.0 views

Red Hat SPICE is vulnerable

Red Hat SPICE is an adaptive telepresence open-source protocol used by Red Hat's Enterprise Virtualized Desktop Edition to connect users to their virtual desktops, providing the exact same end-user experience as a physical desktop. A security vulnerability exists in Red Hat SPICE. The vulnerabili...

7.1CVSS6.5AI score0.00363EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/05/10 5:4 a.m.5 views

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

8.8CVSS7.7AI score0.00916EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/10/12 7:7 p.m.5 views

spice: insufficient validation of surface_id parameter can cause crash

A heap-based buffer overflow flaw was found in the way spice handled certain QXL commands related to the "surfaceid" parameter. A user in a guest could use this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process...

7.8CVSS7.7AI score0.00575EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.3 views

qemu: cirrus: insufficient blit region checks

It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data...

4.6CVSS7.4AI score0.00603EPSS
Exploits0References4
OSV
OSV
added 2014/12/04 12:0 a.m.44 views

DSA-3088-1 qemu-kvm - security update

Bulletin has no description...

4.6CVSS6.8AI score0.00603EPSS
Exploits0
OSV
OSV
added 2014/11/21 12:44 p.m.11 views

MGASA-2014-0467 Updated qemu packages fix security vulnerabilities

The Advanced Threat Research team at Intel Security reported that guest provided parameter were insufficiently validated in rectangle functions in the vmware-vga driver. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileg...

7.2CVSS8.7AI score0.03742EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/11/07 12:0 a.m.43 views

Debian DSA-3066-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2014-3689 The Advanced Threat Research team at Intel Security reported that guest provided parameter were insufficiently validated in rectangle functions in the vmware-vga driver. A privileged guest user could use...

7.2CVSS6.7AI score0.03742EPSS
Exploits0References7
Prion
Prion
added 2007/09/21 7:17 p.m.32 views

Denial of service

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users...

5.5CVSS6.5AI score0.00826EPSS
Exploits1References16Affected Software5
Rows per page
Query Builder