Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

128 matches found

OSV
OSVadded 2016/08/02 12:0 a.m.1 views

UBUNTU-CVE-2016-5403

The virtqueuepop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service memory consumption and QEMU process crash by submitting requests without waiting for completion...

5.5CVSS6.7AI score0.00055EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2016/07/27 3:18 p.m.31 views

CVE-2016-5403

Quick Emulator QEMU built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation ...

5.5CVSS1.7AI score0.00055EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2014/07/24 3:38 p.m.2 views

qemu: virtio: insufficient validation of num_sg when mapping

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2014/07/23 4:15 p.m.3 views

qemu: virtio: insufficient validation of num_sg when mapping

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2014/06/09 2:35 p.m.2 views

qemu: virtio: insufficient validation of num_sg when mapping

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7AI score0.0038EPSS
Exploits0References4
Prion
Prionadded 2012/06/21 3:55 p.m.11 views

Design/Logic Flaw

The virtioqueuenotify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service guest crash and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed...

5.8CVSS7.8AI score0.00602EPSS
Exploits0References14Affected Software1
RedHat Linux
RedHat Linuxadded 2011/07/05 6:5 p.m.3 views

qemu-kvm: virtqueue: too-large indirect descriptor buffer overflow

Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service guest crash or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."...

7.4CVSS5.8AI score0.00785EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2011/06/20 12:0 a.m.26 views

CVE-2011-2212

Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service guest crash or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."...

7.4CVSS5.9AI score0.00785EPSS
Exploits0References2
Rows per page
Query Builder