Lucene search
K

25 matches found

Debian CVE
Debian CVE
added 2026/06/12 9:42 a.m.12 views

CVE-2026-48914

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS5.3AI score0.00121EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-48914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. ...

6.7CVSS5.3AI score0.00121EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.12 views

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-3705:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3705:01 advisory. QEMU: virtio-net: heap use-after-free in virtionetreceivercu CVE-2021-3748 ntfs-3g: Out-of-bounds heap buffer access in ntfsgetattributevalue due to...

7.8CVSS6.9AI score0.04794EPSS
Exploits4References30
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.3 views

TencentOS Server 4: qemu (TSSA-2024:0934)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0934 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

3.8CVSS6AI score0.00203EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-1225

Malware in sbrugna...

5.5CVSS7.1AI score0.00429EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-1226

Malware in sbrugna...

5.5CVSS7.1AI score0.00413EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-10646

Malware in sbrugna...

6.5CVSS6.6AI score0.00418EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-6505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirectionstable data within RSS becomes...

6.8CVSS6.6AI score0.0065EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-0358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user c...

7.8CVSS6.3AI score0.0101EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-20263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-fs shared file system daemon virtiofsd of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest ...

3.3CVSS6.5AI score0.00377EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/20 5:50 p.m.26 views

CVE-2024-8612 Qemu-kvm: information leak in virtio devices

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

3.8CVSS0.00203EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:44 p.m.1 views

UBUNTU-CVE-2024-4693

A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...

5.5CVSS6.7AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.5 views

PT-2024-32284 · Qemu +3 · Qemu +3

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU Virtio PCI Bindings, specifically in the hw/virtio/virtio-pci.c file. This issue is related to an improper release and use of the irqfd for vector 0 during the boo...

7.8CVSS5.9AI score0.03566EPSS
Exploits1References80
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.6 views

SUSE CVE-2013-4535

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7.5AI score0.00957EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.5 views

SUSE CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

5CVSS6.8AI score0.04935EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-26353

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0...

7.5CVSS6.9AI score0.02701EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/02 10:12 a.m.5 views

QEMU: virtio-net: map leaking on error during receive

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage, use-after-free or other unexpected results. A malicious privileged guest could exploit...

7.5CVSS7AI score0.02701EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/06/16 12:0 a.m.39 views

Oracle Linux 7 : olcne (ELSA-2022-9491)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9491 advisory. 1.5.3-1 - Address qemu CVE-2022-26353, CVE-2021-3748 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS6.8AI score0.02701EPSS
Exploits0References3
OSV
OSV
added 2022/03/16 3:15 p.m.3 views

DEBIAN-CVE-2022-26353

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0...

7.5CVSS6.5AI score0.02701EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/01/25 5:37 p.m.45 views

CVE-2022-0358

A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certa...

7.8CVSS0.2AI score0.0101EPSS
Exploits2References3
Rows per page
Query Builder