Lucene search
K

28 matches found

Redos
Redos
added 2025/11/06 12:0 a.m.4 views

ROS-20251106-09

A vulnerability in the QEMU hardware emulator is related to the incorrect release and use of the irqfd for vector 0 during boot time in QEMU Virtio PCI Bindings hw/virtio/virtio/pci.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00324EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-22565

Malicious code in bioql PyPI...

4.2CVSS6.3AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.5 views

CVE-2025-38346 ftrace: Fix UAF when lookup kallsym after ftrace disabled

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE...

7.8CVSS7.2AI score0.00168EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2025/06/02 12:0 a.m.5 views

The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function allows a attacker to disclose sensitive information.

The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueuepush function is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information through the...

3.8CVSS6.4AI score0.00203EPSS
Exploits0References7Affected Software3
CVE
CVE
added 2025/03/27 1:38 p.m.126 views

CVE-2025-21868

CVE-2025-21868 affects the Linux kernel networking path that manages small head cache and large MAX_SKB_FRAGS values. The issue arises when a specific revert and page-frag allocator behavior causes a splat in netif_napi_add_weight_locked during initialization, with the root cause tied to the smal...

5.5CVSS6.7AI score0.00176EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2024-53168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr...

7.8CVSS6.6AI score0.00234EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-36648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu an...

10CVSS6.9AI score0.01401EPSS
Exploits0References2
CVE
CVE
added 2024/09/04 6:35 p.m.97 views

CVE-2024-44959

The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...

5.5CVSS5AI score0.00212EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.5 views

The vulnerability of the virtio-net interface in the QEMU hardware emulation software allows a attacker to trigger a service failure.

The vulnerability of the virtio-net emulator’s hardware emulation interface of QEMU is related to the asynchronous nature of the shutdown process, which allows for scenarios of “racing.” Exploiting this vulnerability can enable a perpetrator to cause a service failure...

5.6CVSS6.7AI score0.00251EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/09/19 12:0 a.m.4 views

The vulnerability of the input/output requests for the mptsas_free_request() SCSI function in the QEMU hardware emulation software allows a attacker to cause a service failure.

The vulnerability of the input/output requests for the mptsasfreerequest function in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability allows a attacker to cause a service failure...

3.2CVSS6.4AI score0.0045EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/09/16 12:0 a.m.5 views

The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to trigger a service failure...

6CVSS6.8AI score0.00335EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/09/14 12:0 a.m.5 views

The vulnerability of the QEMU hardware emulation software, related to access to an uninitialized pointer, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to access to an uninitialized pointer. Exploiting this vulnerability can allow a malicious actor to cause a system failure...

6CVSS6.4AI score0.00363EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/06/23 12:0 a.m.5 views

The vulnerability of the lsi_do_msgout function in the QEMU hardware emulation software allows a hacker to trigger a service failure.

The vulnerability of the lsidomsgout function hw/scsi/lsi53c895a.c in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.3CVSS6.4AI score0.00405EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.4 views

The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data beyond the allowed buffer limits, allowing an attacker to access confidential data.

The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data from beyond the allowable buffer size. Exploiting this vulnerability can allow an attacker to access confidential data...

3.8CVSS6.7AI score0.00463EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.4 views

The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.5CVSS7AI score0.02823EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.4 views

The vulnerability of the QEMU hardware emulation software lies in the lack of a necessary encryption step, which allows attackers to gain access to confidential data.

The vulnerability of the QEMU hardware emulation software is related to a implementation error in the handling of pointer authentication. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

5.5CVSS6.7AI score0.00331EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.3 views

The vulnerability of the e1000e wireless bridge in the hardware emulation software QEMU, related to the use of memory after it is freed, allows a hacker to trigger a service failure.

The vulnerability of the e1000e wireless bridge in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to cause a system failure...

3.3CVSS6.5AI score0.00437EPSS
Exploits1References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.3 views

The vulnerability of several functions in hw/usb/core.c of the QEMU hardware emulation software involves allowing operations to exceed the permissible buffer data size. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of several functions in the hw/usb/core.c file of the QEMU hardware emulation software is related to the execution of operations that exceed the permissible buffer data size. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrit...

4.9CVSS7.1AI score0.05447EPSS
Exploits1References19Affected Software7
BDU FSTEC
BDU FSTEC
added 2020/12/30 12:0 a.m.5 views

The vulnerability of the QEMU hardware emulation software, related to the swapping of the zero pointer, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to the swapping of the zero pointer. Exploiting this vulnerability can allow an attacker to trigger a service failure...

3.2CVSS5.9AI score0.00476EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.3 views

The vulnerability in the `hw/rdma/vmw/pvrdma_cmd.c` component of the PVRDMA virtual network adapter driver allows a hacker to trigger a service failure.

The vulnerability in the hw/rdma/vmw/pvrdmacmd.c component of the PVRDMA virtual network adapter’s hardware emulation software, QEMU, is related to pointer assignment errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure by creating CQ/QP objects...

7.8CVSS6.6AI score0.03683EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder