CVE-2018-3639
CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The Connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...
CVE-2020-14364
Vulnerability: CVE-2020-14364 affects the USB emulator in QEMU before 5.2.0. Root cause: an out-of-bounds read/write when processing USB packets, specifically if USBDevice 'setup_len' exceeds data_buf[4096] in do_token_in/do_token_out. Impact: a guest user could crash the QEMU process (DoS) or po...
CVE-2018-7536
CVE-2018-7536 affects Django: vulnerable in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The issue is a denial-of-service caused by catastrophic backtracking in two regular expressions used by django.utils.html.urlize() (one regex in 1.8.x). The urlize() function underpins...
CVE-2020-27827
CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...
CVE-2020-1711
CVE-2020-1711 affects the QEMU iSCSI Block driver: an out-of-bounds heap buffer access in iscsi_co_block_status() when processing iSCSI server responses for LBA status. A remote attacker could crash QEMU or potentially execute code with host-QEMU privileges, via a crafted response from the iSCSI ...
CVE-2017-7481
CVE-2017-7481 affects Ansible before versions 2.3.1.0 and 2.4.0.0, where lookup-plugin results could be marked unsafe, allowing code execution via jinja2 if an attacker controls lookup() results. The description and connected advisories confirm the vulnerability originates from unsafe lookup resu...
CVE-2019-10192
CVE-2019-10192 is a heap-buffer overflow in Redis HyperLogLog used by SETRANGE. Affected: Redis HyperLogLog in 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. By corrupting a hyperloglog, an attacker can cause Redis to write up to 3 bytes beyond the end of a heap-allocated buffer. Imp...
CVE-2019-10193
CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2019-14900
CVE-2019-14900 affects Hibernate ORM prior to 5.3.18, 5.4.18, and 5.5.0.Beta1. The flaw is a SQL injection in the JPA Criteria API implementation that can permit unsanitized literals in the SELECT or GROUP BY clauses, enabling an attacker to access unauthorized information. The connected document...
CVE-2018-10855
CVE-2018-10855 affects Ansible: versions 2.5 prior to 2.5.5 and 2.4 prior to 2.4.5 do not honor the no_log flag for failed tasks, which can cause sensitive data passed to a task to be exposed in logs and on the user’s terminal when the task fails. Red Hat advisories (RHSA-2018:1948, RHSA-2019:005...
CVE-2021-3930
CVE-2021-3930 concerns an off-by-one error in the SCSI device emulation of QEMU during MODE SELECT handling in mode_sense_page() when page is MODE_PAGE_ALLS (0x3f). The vulnerability can allow a malicious guest to crash QEMU, causing a denial of service. Affected software is QEMU (various release...
CVE-2018-11806
CVE-2018-11806 affects QEMU where the SLiRP networking back-end (mbuf.c) can perform a heap-based buffer overflow when reassembling fragmented datagrams. The described impact in the connected documents includes a potential host compromise via arbitrary code execution or denial of service due to a...
CVE-2018-11219
CVE-2018-11219 is a Redis Lua subsystem integer overflow vulnerability (bounds checking failure) affecting Redis versions before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2. The issue originates in lua_struct.c:b_unpack() and can lead to memory corruption or a crash. Public details ...
CVE-2019-14859
CVE-2019-14859 affects the Python library python-ecdsa. A flaw exists in all versions before 0.13.3 where signatures are not properly verified for DER encoding, allowing a malformed signature to be accepted and making signatures malleable. This could enable an attacker to use a malleable signatur...
CVE-2018-11218
CVE-2018-11218 describes a memory corruption vulnerability in the Redis Lua subsystem’s cmsgpack handling, caused by stack-based buffer overflows. Affected Redis versions are before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2. Several connected sources reiterate the issue as a Redis component ...
CVE-2018-1000127
The CVE-2018-1000127 issue affects memcached prior to 1.4.37, caused by an Integer Overflow in items.c:item_free() that can lead to data corruption and deadlocks due to reusing hash-table entries from a free list. It is exploitable over the network to the memcached service. The vulnerability is f...
CVE-2020-10685
CVE-2020-10685 affects Ansible Engine versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, and Ansible Tower up to 3.6.3, when using vault-decrypting modules (assemble, script, unarchive, win_copy, aws_s3, copy). A temporary directory is created in /tmp and left unencrypted; on ...
CVE-2017-2620
CVE-2017-2620 affects QEMU with Cirrus CLGD 54xx VGA emulator prior to 2.8, where cirrus_bitblt_cputovideo can trigger out-of-bounds access while copying VGA data. This could allow a privileged guest user to crash the QEMU process or potentially execute arbitrary host code with QEMU privileges. P...
CVE-2017-10664
CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...
CVE-2020-10684
CVE-2020-10684 affects Ansible Engine versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7, which allow an attacker to alter ansible_facts when inject is enabled, potentially leading to privilege escalation or code injection. Connected advisories confirm the same underlying issue and pro...
CVE-2020-1758
CVE-2020-1758 affects Keycloak versions before 10.0.0. The issue is that TLS hostname verification is not performed when Keycloak sends emails via an SMTP server, which can allow a man‑in‑the‑middle (MITM) attack. The connected sources consistently describe this flaw and its mitigation; there are...
CVE-2018-10874
CVE-2018-10874 affects Ansible. The issue arises when inventory variables are loaded from the current working directory during ad-hoc commands, which attackers can control, enabling arbitrary code execution (local attacker could compromise the target via manipulated inventory vars). The NVD entry...
CVE-2018-1000115
CVE-2018-1000115 – Memcached UDP amplification vulnerability. Memcached 1.5.5 contains an Insufficient Control of Network Message Volume (CWE-406) in UDP support, enabling a remote attacker to perform a denial-of-service via UDP traffic to port 11211 (amplification ~1:50,000). The issue is mitiga...
CVE-2017-7466
CVE-2017-7466 is a vulnerability in Ansible prior to version 2.3, where input validation of data returned by client systems could be exploited by a compromised client to execute arbitrary code on the Ansible server with the server’s privileges. Public sources in the provided documents reference R...
CVE-2017-2615
The CVE-2017-2615 issue affects QEMU’s Cirrus CLGD 54xx VGA emulator support. The vulnerability is an out-of-bounds access during VGA data copying via bitblt in backward mode, which could allow a privileged guest user to crash the QEMU process and potentially execute arbitrary host code with QEMU...
CVE-2016-9603
CVE-2016-9603 affects QEMU’s Cirrus CLGD 54xx VGA emulator, specifically the VNC display driver support prior to 2.9. A heap-based buffer overflow can occur when a VNC client updates the display after a guest VGA operation. A privileged guest user could crash the QEMU process or potentially execu...
CVE-2019-14433
The CVE-2019-14433 issue affects OpenStack Nova (versions before 17.0.12, 18.x before 18.2.2, 19.x before 19.0.2). It allows authenticated API requests that fault to leak environment details in responses, potentially exposing sensitive configuration data (partial confidentiality impact). Red Hat ...
CVE-2019-14818
The CVE-2019-14818 issue affects DPDK packages in multiple lines: 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4, and 19.x.x before 19.08.1. A malicious master or a container with access to a vhost_user socket can send crafted VRING_SET_NUM messages, causing a memory leak th...
CVE-2016-8576
CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...
CVE-2017-5973
Technical details about CVE-2017-5973 are not publicly provided in the connected documents. Available records reference QEMU's xhci_kick_epctx vulnerability but do not expose deeper data (affected versions, exploit info, or fixes). Monitor for updates.
CVE-2018-17963
CVE-2018-17963 affects QEMU’s net/iov path. The vulnerability is introduced by qemu_deliver_packet_iov in net/net.c, which accepts packet sizes greater than INT_MAX, enabling a remote attacker to trigger a denial of service (and potentially other unspecified impact) by sending oversized packets. ...
CVE-2016-8909
CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...
CVE-2016-8910
CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.
CVE-2018-1059
The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...
CVE-2016-9911
CVE-2016-9911 (QEMU): A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...
CVE-2017-8309
CVE-2017-8309 refers to a memory leak in QEMU’s audio subsystem (audio.c) that can be exploited remotely to cause a denial of service by repeatedly starting and stopping audio capture. The initial description explicitly states the issue and impact. Connected sources list the CVE in vendor advisor...
CVE-2016-9921
According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...
CVE-2018-17206
Open vSwitch 2.7.x–2.7.6 contains a buffer over-read in the decode_bundle function (lib/ofp-actions.c) during BUNDLE action decoding, classified as CVE-2018-17206. The issue is documented in multiple advisories (e.g., RHSA/RHSA-like entries) and Debian/DLA disclosures; exploitation details and ex...
CVE-2016-9907
The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...
CVE-2016-8669
CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...
CVE-2017-7980
CVE-2017-7980: A heap-based buffer overflow in the Cirrus CLGD 54xx VGA Emulator of Quick Emulator (QEMU) up to version 2.8 enables a local privileged guest to execute arbitrary code or cause a denial of service by exploiting a vulnerability when a VNC client...
CVE-2016-4020
CVE-2016-4020: In QEMU, the patch_instruction function in hw/i386/kvmvapic.c fails to initialize imm32, enabling a local guest OS administrator to leak host stack memory via the Task Priority Register (TPR). Several advisories (Debian DLA-574-1, CentOS/CESA-2017:1856, Gentoo GLSA-201609-01) docu...
CVE-2017-8379
CVE-2017-8379 is a memory-leak issue in QEMU keyboard input event handling that can allow a local privileged guest user to exhaust host memory and cause a denial of service. The vulnerability is listed among fixes in Red Hat RHSA-2017:2408, which notes remediation by rebasing to QEMU 2.9.0 and re...
CVE-2017-18191
CVE-2017-18191 - OpenStack Nova: In OpenStack Nova 15.x (up to 15.1.0) and 16.x (up to 16.1.1), detaching and reattaching an encrypted volume can allow an attacker to access the underlying raw volume and corrupt the LUKS header, causing a denial of service on the compute host (data loss is noted ...
CVE-2016-6888
CVE-2016-6888 in QEMU (net_tx_pkt_init in hw/net/net_tx_pkt.c) has an integer overflow when handling the maximum fragmentation count, triggering an unchecked multiplication and a NULL pointer dereference. This allows a local privileged user/guest to cause a denial of service (QEMU process crash)....
CVE-2018-17204
Open vSwitch (OVS) 2.7.x–2.7.6 is affected by CVE-2018-17204 due to a logic error in parse_group_prop_ntr_selection_method within lib/ofp-util.c. During decoding of a group mod, the code validates the group type/command only after the full group mod is parsed, but the OpenFlow 1.5 decoder may use...
CVE-2016-7422
CVE-2016-7422 affects QEMU’s virtio/virtio.c: virtqueue_map_desc allows a local guest OS administrator to trigger a NULL pointer dereference by using a large I/O descriptor buffer length, leading to QEMU process crash. Remediation in connected docs shows fixes via rebases to QEMU 2.9.0 (RHSA-2017...
CVE-2016-7466
CVE-2016-7466 is a memory-leak denial-of-service issue in QEMU’s USB xHCI emulation when MSI-X is used. The usb_xhci_exit path can leak memory during repeated USB unplug actions, allowing a local privileged user (guest) to exhaust host memory or crash the QEMU process. Public details confirm the ...
CVE-2018-17205
Open vSwitch CVE-2018-17205 affects 2.7.x–2.7.6 in the bundle commit path (ofproto_rule_insert__) where, if a flow fails to be added, OvS reverts previous flows from the same bundle. While reinserting old flows, an assertion failure on rule state != RULE_INITIALIZED occurs because the old flow st...