Lucene search
+L

117 matches found

OSV
OSV
added 2026/07/09 12:54 p.m.3 views

OESA-2026-2952 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability, which was classified as critical, has been found in QEMU Virtualization Software version unknown.Using CWE to declare the problem leads to CWE-190. The product performs a...

6.7CVSS6.1AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 12:54 p.m.3 views

OESA-2026-2951 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high...

6.7CVSS6AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 5:20 p.m.2 views

OPENSUSE-SU-2026:21253-1 Security update for qemu

This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...

6.7CVSS7AI score0.00122EPSS
Exploits0References8
NVD
NVD
added 2026/06/12 10:16 a.m.14 views

CVE-2026-48914

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/12 9:42 a.m.36 views

CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS0.00122EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/12 9:42 a.m.19 views

CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS5.3AI score0.00122EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-48914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. ...

6.7CVSS6.1AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.5 views

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

6.8CVSS5.8AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 9:16 p.m.4 views

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

6.8CVSS0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 8:21 p.m.3 views

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

6.8CVSS5.8AI score0.00251EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/24 8:21 p.m.23 views

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

6.8CVSS0.00251EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 8:21 p.m.3 views

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

6.8CVSS5.8AI score0.00251EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.8 views

NVIDIA SNAP-4 Container 安全漏洞

NVIDIA SNAP-4 Container is a containerized operating environment component provided by NVIDIA Corporation in the United States, offering high-performance computing and acceleration capabilities. There is a security vulnerability in NVIDIA SNAP-4 Container, which stems from an out-of-bound pointer...

6.8CVSS5.8AI score0.00251EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2026-1195)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.4AI score0.00286EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-1749

Malware in sbrugna...

7.4CVSS6AI score0.00718EPSS
Exploits0References24
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53849

Malicious code in bioql PyPI...

5.5CVSS7.3AI score0.00162EPSS
Exploits0References8
OSV
OSV
added 2025/07/10 8:15 a.m.6 views

UBUNTU-CVE-2025-38314

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...

5.5CVSS6AI score0.0012EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/06/20 1:53 a.m.5 views

CVE-2022-50064

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

7CVSS7.1AI score0.00157EPSS
Exploits0References4
OSV
OSV
added 2025/06/18 11:15 a.m.4 views

UBUNTU-CVE-2022-50064

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

7.8CVSS6.5AI score0.00157EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/06/18 11:2 a.m.8 views

CVE-2022-50064

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

7.8CVSS6.3AI score0.00157EPSS
Exploits0
Rows per page
Query Builder