Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2022/05/11 12:0 a.m.6 views

CVE-2022-24422

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console...

10CVSS7.3AI score0.53824EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/04/10 6:54 p.m.4 views

QEMU: I/O: potential memory exhaustion via websock connection to VNC

A memory leakage issue was found in the I/O channels websockets implementation of the Quick Emulator QEMU. It could occur while sending screen updates to a client, which is slow to read and process them further. A privileged guest user could use this flaw to cause a denial of service on the host...

7.5CVSS7.1AI score0.04272EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/10/26 9:22 p.m.4 views

qemu: vnc: insufficient resource limiting in VNC websockets decoder

It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory...

8.6CVSS7.1AI score0.07393EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/22 5:21 p.m.3 views

openstack-nova: Nova VMware driver may connect VNC to another tenant's console

A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware...

6.5CVSS5.7AI score0.02027EPSS
Exploits0References4
Rows per page
Query Builder