Lucene search
K

49 matches found

Rockylinux
Rockylinux
added 2026/03/11 6:1 p.m.6 views

virt:rhel and virt-devel:rhel security and bug fix update

An update is available for seabios, swtpm, perl-Sys-Virt, module.supermin, module.libiscsi, module.libvirt-dbus, libvirt-dbus, module.swtpm, module.virt-v2v, module.sgabios, module.perl-Sys-Virt, libvirt-python, module.libvirt-python, netcf, module.netcf, module.seabios, module.libguestfs, hivex,...

7.8CVSS7.4AI score0.01606EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2023-6011:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6011:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 QEMU: VNC: integer underflow in vncclientcuttextext leads to CPU exhaustion CVE-2022-31...

7.8CVSS5.9AI score0.05552EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/12/17 4:15 a.m.6 views

qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

7.5CVSS5.7AI score0.00783EPSS
Exploits0References4
OSV
OSV
added 2025/12/03 9:2 a.m.7 views

RLSA-2023:2757 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7.8CVSS7.6AI score0.05552EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8385

Malware in sbrugna...

6.5CVSS7.4AI score0.03115EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58904

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01261EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42588

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.0114EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-3354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2017-15124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VNC server implementation in Quick Emulator QEMU 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the...

7.8CVSS6.7AI score0.02843EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.2 views

QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS7.1AI score0.01261EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/01/18 2:52 a.m.4 views

SUSE CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS6.4AI score0.01261EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/16 12:0 a.m.7 views

PT-2023-8255 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu clipboard request function can be reached before vnc server cut text caps was called and had...

8.8CVSS5.8AI score0.01891EPSS
Exploits5References150
RedHat Linux
RedHat Linux
added 2023/11/01 9:11 a.m.4 views

QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/10/17 3:33 p.m.48 views

Important: Red Hat Security Advisory: virt:rhel security update

An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated thi...

7.8CVSS7.3AI score0.01606EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/10/10 2:18 p.m.4 views

QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/09/19 1:8 p.m.4 views

QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/09/19 1:8 p.m.45 views

Important: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

7.8CVSS7.3AI score0.01606EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/07/11 5:15 p.m.26 views

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
OSV
OSV
added 2023/07/11 5:15 p.m.4 views

AZL-35171 CVE-2023-3354 affecting package qemu for versions less than 8.2.0-1

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS6.6AI score0.01606EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 5:15 p.m.3 views

DEBIAN-CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS6.4AI score0.01606EPSS
Exploits0References1
Rows per page
Query Builder