Lucene search
K

26 matches found

CVE
CVE
added 2016/09/20 6:0 p.m.779 views

CVE-2016-6662

CVE-2016-6662 affects MySQL-derived products (MySQL, MariaDB, Percona Server) across multiple branches, allowing local users to bypass protections by setting general_log_file to a my.cnf configuration. The underlying flaw enables arbitrary configuration by non-privileged users and can be leverage...

10CVSS8AI score0.6773EPSS
CVE
CVE
added 2016/04/13 3:0 p.m.197 views

CVE-2015-8080

CVE-2015-8080 is an in Redis where the getnum function in lua_struct.c can overflow an integer if a Lua script processes a large number. Affects Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6. The described impact is memory corruption and application crash, with potential sandbox circumvention....

7.5CVSS8AI score0.05362EPSS
CVE
CVE
added 2016/05/11 9:0 p.m.190 views

CVE-2016-3710

CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...

8.8CVSS8.7AI score0.00916EPSS
CVE
CVE
added 2016/08/02 4:0 p.m.189 views

CVE-2016-5403

CVE-2016-5403 affects QEMU’s virtio path (virtqueue_pop in hw/virtio/virtio.c). A local guest OS administrator can cause a denial of service via unbounded memory allocation by submitting virtqueue requests without waiting for completion, potentially crashing the QEMU process. Public postings acro...

5.5CVSS5.9AI score0.0052EPSS
CVE
CVE
added 2016/04/08 4:0 p.m.176 views

CVE-2016-1568

CVE-2016-1568 is a use-after-free in QEMU’s AHCI emulation (hw/ide/ahci.c) when IDE AHCI Emulation is enabled. A guest user can cause a denial of service (QEMU process crash) and potentially execute arbitrary code via an invalid AHCI NCQ AIO command. The issue is triggered by use-after-free in NC...

8.8CVSS9.2AI score0.00533EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.148 views

CVE-2016-8576

CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...

6CVSS5.3AI score0.00386EPSS
CVE
CVE
added 2016/07/12 7:0 p.m.141 views

CVE-2016-4428

OpenStack Horizon (Dashboard) is affected by an XSS vulnerability (CVE-2016-4428) present in Horizon 8.0.1 and earlier and 9.0.0–9.0.1. The issue arises from injecting an AngularJS template into a dashboard form, allowing a remote authenticated user to inject arbitrary script/HTML. Impact reporte...

5.4CVSS5AI score0.02068EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.141 views

CVE-2016-8909

CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...

6CVSS6.1AI score0.00441EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.141 views

CVE-2016-9921

According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...

6.5CVSS6.3AI score0.00394EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.139 views

CVE-2016-9911

CVE-2016-9911 (QEMU) : A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...

6.5CVSS6.3AI score0.00367EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.137 views

CVE-2016-8910

CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.

6CVSS6AI score0.00407EPSS
CVE
CVE
added 2016/01/08 9:0 p.m.128 views

CVE-2015-7512

CVE-2015-7512 is a buffer overflow in the PC-Net II Ethernet controller emulation (hw/net/pcnet.c) of QEMU. The flaw occurs when handling packets for guests with a larger MTU, allowing a remote attacker to trigger a denial of service (guest OS crash) or potentially execute arbitrary code. Connect...

9CVSS9.3AI score0.0773EPSS
CVE
CVE
added 2016/04/07 7:0 p.m.127 views

CVE-2016-1714

CVE-2016-1714 – QEMU firmware config flaw. Local CAP_SYS_RAWIO users can trigger out-of-bounds reads/writes in hw/nvram/fw_cfg.c (fw_cfg_write/fw_cfg_read) when Firmware Configuration device emulation is enabled, potentially crashing the guest or allowing code execution on the host. Affected: QEM...

8.1CVSS8.5AI score0.06085EPSS
CVE
CVE
added 2016/04/08 4:0 p.m.127 views

CVE-2016-2857

CVE-2016-2857 is a QEMU vulnerability in the IP checksum routines: the net_checksum_calculate function in net/checksum.c permits local (guest) users to trigger an out-of-bounds heap read, crashing the QEMU process via a crafted packet payload length. Multiple Nessus/MIRACLE-Linux advisories refer...

8.4CVSS6.6AI score0.00564EPSS
CVE
CVE
added 2016/06/01 10:0 p.m.124 views

CVE-2016-5126

Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...

7.8CVSS7.9AI score0.00701EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.124 views

CVE-2016-8669

CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...

6CVSS5.9AI score0.00362EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.121 views

CVE-2016-9907

The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...

6.5CVSS6.5AI score0.00413EPSS
CVE
CVE
added 2016/05/25 3:0 p.m.119 views

CVE-2016-4020

CVE-2016-4020 : In QEMU, the patch_instruction function in hw/i386/kvmvapic.c fails to initialize imm32, enabling a local guest OS administrator to leak host stack memory via the Task Priority Register (TPR). Several advisories (Debian DLA-574-1, CentOS/CESA-2017:1856, Gentoo GLSA-201609-01) docu...

6.5CVSS6.4AI score0.00372EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.107 views

CVE-2016-6888

CVE-2016-6888 in QEMU (net_tx_pkt_init in hw/net/net_tx_pkt.c) has an integer overflow when handling the maximum fragmentation count, triggering an unchecked multiplication and a NULL pointer dereference. This allows a local privileged user/guest to cause a denial of service (QEMU process crash)....

4.4CVSS6.1AI score0.00381EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.102 views

CVE-2016-7466

CVE-2016-7466 is a memory-leak denial-of-service issue in QEMU’s USB xHCI emulation when MSI-X is used. The usb_xhci_exit path can leak memory during repeated USB unplug actions, allowing a local privileged user (guest) to exhaust host memory or crash the QEMU process. Public details confirm the ...

6CVSS5.4AI score0.00421EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.101 views

CVE-2016-7422

CVE-2016-7422 affects QEMU’s virtio/virtio.c: virtqueue_map_desc allows a local guest OS administrator to trigger a NULL pointer dereference by using a large I/O descriptor buffer length, leading to QEMU process crash. Remediation in connected docs shows fixes via rebases to QEMU 2.9.0 (RHSA-2017...

6CVSS5AI score0.00364EPSS
CVE
CVE
added 2016/07/12 7:0 p.m.87 views

CVE-2016-4985

CVE-2016-4985 affects the OpenStack Ironic project, specifically the ironic-api service. The vulnerability allows an attacker with network access to the ironic-api to bypass authentication and retrieve full details of a registered node by knowing the node’s MAC address and sending a crafted POST ...

7.5CVSS7.1AI score0.02836EPSS
Web
CVE
CVE
added 2016/01/20 4:0 p.m.85 views

CVE-2015-5295

CVE-2015-5295 affects OpenStack Heat’s template-validate command. A remote authenticated user can abuse the template validation path to cause memory exhaustion (DoS) or to determine the existence of local files via the resource type in a template, demonstrated by file:///dev/zero. Affected softwa...

5.5CVSS5.2AI score0.02928EPSS
CVE
CVE
added 2016/04/15 5:0 p.m.67 views

CVE-2015-5271

CVE-2015-5271 affects TripleO Heat templates: the swiftproxy pipeline does not properly order Keystone before Swift staticweb middleware when staticweb is enabled, potentially allowing remote attackers to obtain sensitive information from private containers via unspecified vectors. This is docume...

7.5CVSS7.1AI score0.02415EPSS
CVE
CVE
added 2016/06/30 4:0 p.m.61 views

CVE-2016-4474

CVE-2016-4474 affects Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) overcloud-full images. The image build process uses a default root password (ROOTPW/rootpw), enabling potential remote root access via unspecified vectors. Red Hat ad...

8.8CVSS8.8AI score0.00846EPSS
CVE
CVE
added 2016/04/11 9:0 p.m.54 views

CVE-2015-5329

The CVE-2015-5329 issue affects TripleO Heat templates (tripleo-heat-templates) used with Red Hat Enterprise Linux OpenStack Platform 7.0. The root cause is improper use of RabbitMQ credentials, leading deployed overcloud services to be accessible with default credentials (guest/guest). Descripti...

7.5CVSS7.2AI score0.01517EPSS