CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

6.5CVSS6.9AI score0.00019EPSS

Exploits1References13

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fixed warnings related to cancelsync on uninitialized workstructs. Betty reported encountering the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 … 8.713282 T221 Call trace:...

5.5CVSS6.2AI score0.00051EPSS

Exploits0References2

Tenable Nessus•added 2026/04/22 12:0 a.m.•8 views

openSUSE 16 Security Update : qemu (openSUSE-SU-2026:20567-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20567-1 advisory. Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests se...

5.1CVSS5.7AI score0.00019EPSS

Exploits1References9

Ubuntu•added 2026/04/09 2:22 p.m.•4 views

USN-8161-1: QEMU vulnerabilities

It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-6519 It was discovered...

8.2CVSS7.5AI score0.00019EPSS

Exploits1

Tenable Nessus•added 2026/03/16 12:0 a.m.•4 views

TencentOS Server 4: qemu (TSSA-2026:0167)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0167 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.8CVSS7.4AI score0.00038EPSS

Exploits0References2

OSV•added 2026/03/03 12:0 a.m.•1 views

UBUNTU-CVE-2026-3195

two potential OOB memory accesses in virtio-snd...

5.8AI score

Exploits0References4

RedhatCVE•added 2026/03/02 4:19 p.m.•3 views

CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.8CVSS5.8AI score0.00038EPSS

Exploits0References3

Tenable Nessus•added 2026/01/22 12:0 a.m.•4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37805)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37805 advisory. - In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on...

5.5CVSS6.7AI score0.00051EPSS

Exploits0References2

Tenable Nessus•added 2025/08/15 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2025-37805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at...

5.5CVSS6.8AI score0.00051EPSS

Exploits0References3

NVD•added 2025/05/08 7:15 a.m.•15 views

CVE-2025-37805

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace: 8.713365 T221...

5.5CVSS0.00051EPSS

Exploits0References7

OSV•added 2025/05/08 7:15 a.m.•1 views

UBUNTU-CVE-2025-37805

5.5CVSS6.2AI score0.00051EPSS

Exploits0References32

Vulnrichment•added 2025/05/08 6:26 a.m.•5 views

CVE-2025-37805 sound/virtio: Fix cancel_sync warnings on uninitialized work_structs

6AI score0.00051EPSS

Exploits0References6

UbuntuCve•added 2024/08/15 12:0 a.m.•6 views

CVE-2024-7730

A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...

7.8CVSS7.2AI score0.00038EPSS

Exploits0References3

Positive Technologies•added 2024/07/05 12:0 a.m.•2 views

PT-2024-8584 · Qemu +4 · Qemu +4

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio snd pcm in cb, the function did not check whether the iov c...

7.8CVSS6.7AI score0.01501EPSS

Exploits1References56