CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

SUSE CVE•added 2023/02/15 4:16 a.m.•1 views

SUSE CVE-2019-6778

In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow...

7.8CVSS7.3AI score0.00081EPSS

Exploits0References37

Tenable Nessus•added 2022/02/09 12:0 a.m.•215 views

AlmaLinux 8 : virt:rhel (ALSA-2020:2774)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:2774 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 QEMU: vnc: memory leakage upon disconnect CVE-2019-20382 Tenable has extract...

6.8CVSS6.5AI score0.01501EPSS

Exploits0References3

BDU FSTEC•added 2020/10/01 12:0 a.m.•1 views

The vulnerability of the tcp_subr.c component in the TCP-IP emulator library Libslirp, due to a lack of mechanism for checking the size of copied data, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the tcpsubr.c component in the TCP-IP emulator library Libslirp is related to a lack of mechanisms for checking the size of copied data. Exploiting this vulnerability allows an attacker operating remotely to gain access to confidential data, compromise its integrity, and caus...

6.8CVSS6.6AI score0.01501EPSS

Exploits0References15Affected Software6

Veracode•added 2020/05/15 2:20 a.m.•25 views

Arbitrary Code Execution

qemu is vulnerable to arbitrary code execution. A buffer overflow in tcpsubr.c due to a misuse in the snprintf return values allow an attacker to execute arbitrary code...

5.6CVSS7.1AI score0.01501EPSS

Exploits0References13Affected Software21

RedhatCVE•added 2020/03/31 8:0 p.m.•29 views

CVE-2019-9824

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

5.5CVSS2.3AI score0.001EPSS

Exploits0References3

Prion•added 2020/02/06 5:15 p.m.•25 views

Buffer overflow

In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code...

6.8CVSS5.8AI score0.01501EPSS

Exploits0References12Affected Software3

Debian CVE•added 2020/02/06 4:45 p.m.•37 views

CVE-2020-8608

In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code...

6.8CVSS7.2AI score0.01501EPSS

Exploits0

Debian CVE•added 2020/01/16 10:51 p.m.•40 views

CVE-2020-7039

tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...

6.8CVSS7.7AI score0.00831EPSS

Exploits0

Veracode•added 2019/07/08 12:7 a.m.•29 views

Information Disclosure

qemu-kvm is vulnerable to information disclosure. This is due to the tcpemu function of the file slirp/tcpsubr.c. An attacker could use uninitialized data and the manipulation of unknown input may lead to a disclosure of information...

5.5CVSS5.9AI score0.001EPSS

Exploits0References9Affected Software4

Prion•added 2019/06/03 9:29 p.m.•31 views

Information disclosure

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

2.1CVSS5.2AI score0.001EPSS

Exploits0References7Affected Software1

Debian CVE•added 2019/06/03 8:50 p.m.•35 views

CVE-2019-9824

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

5.5CVSS6.8AI score0.001EPSS

Exploits0