Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.6 views

RockyLinux 8 : virt:rhel and virt-devel:rhel (RLSA-2026:5578)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:5578 advisory. qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 Tenable has extracted the preceding description block directly from the RockyLinux security...

7.5CVSS7.2AI score0.00783EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/05 4:5 p.m.6 views

qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

7.5CVSS5.7AI score0.00783EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : qemu-kvm-1.5.3-141.el7.6 (AXSA:2018-2500:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2500:01 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used...

5.6CVSS7.3AI score0.74041EPSS
Exploits9References2
Veracode
Veracode
added 2020/04/10 12:59 a.m.36 views

Arbitrary Code Execution

qemu-kvm is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the virtio-blk driver in qemu-kvm did not properly validate read and write requests from guests. A privileged guest user could use this flaw to crash the guest or, possibly, execute arbitrary code on...

7.4CVSS2.8AI score0.00718EPSS
Exploits0References22Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.37 views

Oracle Linux 7 : qemu-kvm (ELSA-2014-0704)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0704 advisory. 1.5.3-60.el70.2 - kvm-pc-add-hotaddcpu-callback-to-all-machine-types.patch bz1094820 - Resolves: bz1094820 Hot plug CPU not working with RHEL6 machine types...

7.2CVSS6.9AI score0.00386EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.33 views

RHEL 6 : qemu-kvm (RHSA-2011:1531)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1531 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for...

2.1CVSS5.7AI score0.00435EPSS
Exploits0References89
Rows per page
Query Builder