Lucene search
+L

153 matches found

UbuntuCve
UbuntuCve
added 2018/10/16 12:0 a.m.22 views

CVE-2018-10839

Qemu emulator = 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS...

6.5CVSS7AI score0.03168EPSS
Exploits1References3
OSV
OSV
added 2018/10/16 12:0 a.m.4 views

UBUNTU-CVE-2018-10839

Qemu emulator = 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS...

6.5CVSS7.1AI score0.03168EPSS
Exploits1References4
NVD
NVD
added 2016/12/29 10:59 p.m.12 views

CVE-2015-8743

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

7.1CVSS7.6AI score0.00445EPSS
Exploits0References10
Prion
Prion
added 2016/12/29 10:59 p.m.20 views

Design/Logic Flaw

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

3.6CVSS6.4AI score0.00445EPSS
Exploits0References10Affected Software2
OSV
OSV
added 2016/12/29 10:59 p.m.10 views

CVE-2015-8743

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

7.1CVSS7.5AI score
Exploits0References13
Debian CVE
Debian CVE
added 2016/12/29 10:0 p.m.28 views

CVE-2015-8743

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

7.1CVSS7.3AI score0.00445EPSS
Exploits0
Cvelist
Cvelist
added 2016/12/29 10:0 p.m.31 views

CVE-2015-8743

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

7.6AI score0.00445EPSS
Exploits0References10
CVE
CVE
added 2016/12/29 10:0 p.m.106 views

CVE-2015-8743

CVE-2015-8743 affects QEMU with NE2000 device emulation. The flaw is an out-of-bounds read/write in ioport r/w operations, exploitable by a privileged (CAP_SYS_RAWIO) user to leak or corrupt QEMU memory. Public fixes exist (e.g., vendor security updates, notably in SUSE/OpenSUSE advisories) that ...

7.1CVSS7.5AI score0.00445EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1703-1)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

9.8CVSS6.9AI score0.06336EPSS
Exploits2References99
OPENSUSE Linux
OPENSUSE Linux
added 2016/07/06 10:4 p.m.77 views

Security update for qemu (important)

qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...

9.3CVSS1.7AI score0.06336EPSS
Exploits2References34
Tenable Nessus
Tenable Nessus
added 2016/06/17 12:0 a.m.239 views

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)

qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

9.8CVSS6.5AI score0.06336EPSS
Exploits4References114
NVD
NVD
added 2016/06/16 6:59 p.m.17 views

CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

6CVSS6.5AI score0.00391EPSS
Exploits0References9
OSV
OSV
added 2016/06/16 6:59 p.m.3 views

DEBIAN-CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

6CVSS8.2AI score0.00391EPSS
Exploits0References1
Prion
Prion
added 2016/06/16 6:59 p.m.24 views

Design/Logic Flaw

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

2.1CVSS6.6AI score0.00391EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVE
added 2016/06/16 6:0 p.m.40 views

CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

6CVSS6.8AI score0.00391EPSS
Exploits0
Cvelist
Cvelist
added 2016/06/16 6:0 p.m.29 views

CVE-2016-2841

The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...

7AI score0.00391EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2016/05/17 12:0 a.m.71 views

Ubuntu: Security Advisory (USN-2974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.06336EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/05/13 12:0 a.m.58 views

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...

9.8CVSS7.3AI score0.06336EPSS
Exploits0References13
OSV
OSV
added 2016/05/12 2:33 p.m.4 views

USN-2974-1 qemu, qemu-kvm vulnerabilities

Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...

9.8CVSS7AI score0.06336EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.42 views

Fedora 22 : qemu-2.3.1-13.fc22 (2016-bfaf6a133b)

CVE-2016-2538: Integer overflow in usb module bz 1305815 CVE-2016-2841: ne2000: infinite loop bz 1304047 CVE-2016-2857: net: out of bounds read bz 1309564 CVE-2016-2392: usb: NULL pointer dereference bz 1307115 spice: fix spicechraddwatch crash bz 1315049 Note that Tenable Network Security has...

8.4CVSS6.4AI score0.00564EPSS
Exploits0References9
Rows per page
Query Builder