CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-5926

Malware in sbrugna...

6CVSS7.2AI score0.00111EPSS

Exploits0References10

RedhatCVE•added 2025/07/17 6:55 p.m.•3 views

CVE-2025-41238

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI Paravirtualized SCSI controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine'...

9.3CVSS7.1AI score0.00117EPSS

Exploits0References1

NVD•added 2025/07/15 7:15 p.m.•2 views

CVE-2025-41238

9.3CVSS0.00117EPSS

Exploits0References1

CVE•added 2025/07/15 6:34 p.m.•54 views

CVE-2025-41238

CVE-2025-41238 is a heap-overflow vulnerability in the PVSCSI controller affecting VMware ESXi, Workstation, and Fusion. Exploitation can cause an out-of-bounds write and code execution, with ESXi exploits contained within the VMX sandbox (and only with unsupported configs), while Workstation/Fus...

9.3CVSS7.3AI score0.00117EPSS

Exploits0References1

Cvelist•added 2025/07/15 6:34 p.m.•5 views

CVE-2025-41238 PVSCSI heap-overflow vulnerability

9.3CVSS0.00117EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 4:58 a.m.•3 views

SUSE CVE-2016-7156

The pvscsiconvertsglist function in hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging an incorrect cast...

4.4CVSS7.2AI score0.00075EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:58 a.m.•1 views

SUSE CVE-2016-7421

The pvscsiringpopreqdescr function in hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit process IO loop to the ring size...

4.4CVSS8.5AI score0.00111EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:46 a.m.•0 views

SUSE CVE-2017-8112

hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service infinite loop and CPU consumption via the message ring page count...

6.5CVSS6.4AI score0.00056EPSS

Exploits0References11

Tenable Nessus•added 2020/09/30 12:0 a.m.•40 views

openSUSE Security Update : ovmf (openSUSE-2020-1525)

This update for ovmf fixes the following issues : - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler bsc1175476. - Support more SCSI drivers PvScsi, MptScsi and LsiScsi. bsc1119454 - Enable LsiScsi explicitly since it's disabled by default This update was imported from the...

5.5CVSS6.8AI score0.00044EPSS

Exploits0References3

CNVD•added 2017/05/03 12:0 a.m.•1 views

QEMU Denial of Service Vulnerability (CNVD-2017-06735)

QEMU is a set of analog processors written by Fabrice Bellard that distributes source code under the GPL license and is widely used on the GNU/Linux platform. A denial of service vulnerability in hw/scsi /vmwpvscsi.c in QEMU allows a privileged user of a local guest operating system to cause a...

6.5CVSS6.9AI score0.00056EPSS

Exploits0References1

OSV•added 2017/05/02 2:59 p.m.•1 views

DEBIAN-CVE-2017-8112

hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service infinite loop and CPU consumption via the message ring page count...

6.5CVSS8.4AI score0.00056EPSS

Exploits0References1

Prion•added 2017/05/02 2:59 p.m.•15 views

Design/Logic Flaw

hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service infinite loop and CPU consumption via the message ring page count...

4.9CVSS7AI score0.00056EPSS

Exploits0References6Affected Software2

OSV•added 2016/12/10 12:59 a.m.•1 views

DEBIAN-CVE-2016-7156

4.4CVSS6.9AI score0.00075EPSS

Exploits0References1

OSV•added 2016/12/10 12:59 a.m.•1 views

DEBIAN-CVE-2016-7155

hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service out-of-bounds access or infinite loop, and QEMU process crash via a crafted page count for descriptor rings...

4.4CVSS6.3AI score0.00075EPSS

Exploits0References1

Tenable Nessus•added 2016/11/15 12:0 a.m.•35 views

Fedora 25 : 2:qemu (2016-3d3218ec41)

CVE-2016-7155: pvscsi: OOB read and infinite loop bz 1373463 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7156: pvscsi: infinite loop when processing IO requests bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack memory access bz 1374709 - CVE-2016-7157:...

6CVSS6.5AI score0.0015EPSS

Exploits0References11

OpenVAS•added 2016/11/14 12:0 a.m.•33 views

Ubuntu: Security Advisory (USN-3125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.16707EPSS

Exploits0References2

Tenable Nessus•added 2016/11/10 12:0 a.m.•57 views

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3125-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3125-1 advisory. Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause...

10CVSS7.4AI score0.16707EPSS

Exploits0References33

OSV•added 2016/09/16 12:0 a.m.•0 views

UBUNTU-CVE-2016-7421

4.4CVSS6.7AI score0.00111EPSS

Exploits0References5

OSV•added 2016/09/08 12:0 a.m.•0 views

UBUNTU-CVE-2016-7155

4.4CVSS6.7AI score0.00075EPSS

Exploits0References5

OSV•added 2016/09/08 12:0 a.m.•0 views

UBUNTU-CVE-2016-7156