128 matches found
CVE-2018-8088
CVE-2018-8088 details (normal mode) : The issue affects SLF4J’s slf4j-ext EventData in QOS.CH SLF4J before 1.8.0-beta2, where crafted data can bypass access restrictions. The fix is in SLF4J 1.7.26+ and in the 2.0.x series. Connected advisories corroborate the vulnerability description across Lin...
CVE-2018-10873
CVE-2018-10873 affects SPICE before 0.14.1: a missing bounds check in demarshal.py:write_validate_array_item can be exploited by an authenticated remote peer to crash the SPICE client/server. Public advisories (Debian, IBM, Mageia/CentOS) describe denial of service and potential code execution im...
CVE-2019-14859
CVE-2019-14859 affects the Python library python-ecdsa. A flaw exists in all versions before 0.13.3 where signatures are not properly verified for DER encoding, allowing a malformed signature to be accepted and making signatures malleable. This could enable an attacker to use a malleable signatur...
CVE-2018-5968
CVE-2018-5968 concerns FasterXML jackson-databind deserialization. The entry notes unauthenticated remote code execution via two gadgets that bypass a blacklist, stemming from an incomplete fix for CVE-2017-7525 and CVE-2017-17485. Connected sources specify affected jackson-databind versions and ...
CVE-2018-1000180
CVE-2018-1000180 affects Bouncy Castle BC 1.54–1.59 (and BC-FJA 1.0.0/1.0.1) with a flaw in the Low-level RSA key pair generator interface that may produce RSA key pairs with fewer Miller–Rabin primality tests than expected. IBM vulnerability bulletins associate this CVE with IBM products (e.g., ...
CVE-2022-2132
CVE-2022-2132 is a DoS vulnerability in DPDK caused by a permissive input validation that allows a remote attacker to trigger a denial of service by sending a crafted Vhost header. The issue affects the DPDK component handling Vhost descriptors, where processing of the Vhost header can exhaust mb...
CVE-2019-3804
The CVE-2019-3804 issue affects cockpit prior to version 184, where glib’s base64 decode path is mishandled, allowing an unauthenticated attacker to send a crafted request with an invalid base64-encoded cookie and crash the web service (denial of service). Public documents consistently reference ...
CVE-2017-10664
CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...
CVE-2017-7536
CVE-2017-7536 affects Hibernate Validator 5.2.x (before 5.2.5), 5.3.x, and 5.4.x. If the security manager’s reflective permissions are granted to Hibernate Validator, a privilege escalation can occur by allowing access to private members, enabling reading private member values via ConstraintViola...
CVE-2018-14659
The CVE-2018-14659 vulnerability affects GlusterFS up to versions 4.1.4 and 3.1.2. An authenticated, remote attacker could mount a Gluster volume and repeatedly call setxattr via GF_XATTR_IOSTATS_DUMP_KEY to trigger a state dump and create an arbitrary number of files in the server runtime direct...
CVE-2018-14654
CVE-2018-14654 affects GlusterFS (up to 4.1.x) via the GF_XATTROP_ENTRY_IN_KEY path in the translator used during mounting, allowing a remote attacker with access to mounted volumes to create arbitrary, empty files on the server. Exploitation details are not provided in the given documents. Remed...
CVE-2016-3710
CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...
CVE-2016-5403
CVE-2016-5403 affects QEMU’s virtio path (virtqueue_pop in hw/virtio/virtio.c). A local guest OS administrator can cause a denial of service via unbounded memory allocation by submitting virtqueue requests without waiting for completion, potentially crashing the QEMU process. Public postings acro...
CVE-2015-3214
CVE-2015-3214 affects QEMU prior to 2.3.1 (pit_ioport_read in i8254.c) and Linux kernel prior to 2.6.33. The flaw does not distinguish between read and write lengths, potentially allowing a privileged guest user (with PIT emulation enabled) to trigger an invalid index and cause arbitrary host cod...
CVE-2018-10874
CVE-2018-10874 affects Ansible. The issue arises when inventory variables are loaded from the current working directory during ad-hoc commands, which attackers can control, enabling arbitrary code execution (local attacker could compromise the target via manipulated inventory vars). The NVD entry...
CVE-2019-19336
CVE-2019-19336 affects oVirt-engine (OAuth authorization endpoint); the vulnerability is a reflected XSS via the response_type parameter, enabling script execution in a user’s session. Affected versions before 4.3.8 are vulnerable. Remediation: update to 4.3.8 or later (per initial description). ...
CVE-2018-14660
CVE-2018-14660 : A flaw in GlusterFS server (versions up to 4.1.4 and 3.1.2) lets a remote, authenticated attacker repeatedly call setxattr on GF_META_LOCK_KEY to create multiple locks for a single inode, leading to memory exhaustion on the GlusterFS server node. Connected documents confirm Glust...
CVE-2015-5165
CVE-2015-5165 affects the RTL8139 emulation in QEMU (C+ mode offload) used by Xen 4.5.x and earlier. A remote attacker could read heap memory in the QEMU process via unspecified vectors, potentially exposing host data. Public sources in connected docs document this as an information-leak flaw in ...
CVE-2016-1568
CVE-2016-1568 is a use-after-free in QEMU’s AHCI emulation (hw/ide/ahci.c) when IDE AHCI Emulation is enabled. A guest user can cause a denial of service (QEMU process crash) and potentially execute arbitrary code via an invalid AHCI NCQ AIO command. The issue is triggered by use-after-free in NC...
CVE-2023-1668
CVE-2023-1668 — Open vSwitch (OVS) has a flaw where, when processing an IP packet with protocol 0, OVS installs a datapath flow whose action does not modify the IP header. This can cause a datapath rule matching all IP protocols (nw_proto wildcarded) to have an incorrect action, risking improper ...
CVE-2018-14661
Technical details for CVE-2018-14661 are not provided in the connected documents. Public information in the initial entry confirms a format-string vulnerability in GlusterFS, but no affected versions, exploit details, or fixes are included here. Monitor for updates.
CVE-2015-3209
CVE-2015-3209 : Heap-based buffer overflow in the QEMU PCNET network device allows remote code execution via crafted packet sequences (TXSTATUS_STARTPACKET then TXSTATUS_DEVICEOWNS). This is a QEMU vulnerability discussed in multiple advisories (notably Arista/Security Advisory 0013 and F5/Multi-...
CVE-2018-1114
CVE-2018-1114 corresponds to an Undertow issue where URLResource.getLastModified() closes file descriptors only when finalized, enabling a file descriptor leak and potential exhaustion. The vulnerability is evidenced in multiple sources (GHSA- GJJX-GQM4-WCGM, Red Hat advisories) describing an unc...
CVE-2018-17958
CVE-2018-17958 affects QEMU, specifically the rtl8139 network device implementation (rtl8139_do_receive in hw/net/rtl8139.c). The root cause is an incorrect integer data type, which leads to a buffer overflow. The description and connected advisories confirm the vulnerability but do not provide a...
CVE-2017-5973
Technical details about CVE-2017-5973 are not publicly provided in the connected documents. Available records reference QEMU's xhci_kick_epctx vulnerability but do not expose deeper data (affected versions, exploit info, or fixes). Monitor for updates.
CVE-2018-6764
CVE-2018-6764 affects libvirt: util/virlog.c may fail to determine the hostname during LXC container startup, enabling a local attacker (guest OS user) to bypass container protections and run arbitrary commands via a crafted NSS module. The issue is concrete in libvirt’s LXC handling and NSS modu...
CVE-2018-17963
CVE-2018-17963 affects QEMU’s net/iov path. The vulnerability is introduced by qemu_deliver_packet_iov in net/net.c, which accepts packet sizes greater than INT_MAX, enabling a remote attacker to trigger a denial of service (and potentially other unspecified impact) by sending oversized packets. ...
CVE-2016-8576
CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...
CVE-2012-3515
CVE-2012-3515 affects QEMU (as used in Xen 4.0/4.1) where emulating certain devices with a virtual console backend lets local guest OS users gain privileges via a crafted escape VT100 sequence that overwrites a device model’s address space. Connected documents confirm this CVE is included in mult...
CVE-2015-1779
CVE-2015-1779 affects QEMU with the VNC websocket frame decoder. The issue allows a remote attacker to cause a denial of service by sending oversized websocket payloads or HTTP headers, exhausting CPU and memory. Impact is observed when an attacker accesses a guest’s VNC console over the network....
CVE-2016-8909
CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...
CVE-2016-9921
According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...
CVE-2023-5366
CVE-2023-5366 affects Open vSwitch. The flaw allows ICMPv6 Neighbor Advertisement packets between VMs to bypass OpenFlow rules, enabling a local attacker to craft packets with a spoofed target IP to redirect ICMPv6 traffic. Connected advisories confirm patched/Open vSwitch versions are available ...
CVE-2016-9911
CVE-2016-9911 (QEMU) : A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...
CVE-2016-8910
CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.
CVE-2017-15119
CVE-2017-15119 affects the NBD server in Quick Emulator (QEMU). The NBD server can be DoSed if a client sends oversized option requests, causing the server to spend CPU time reading up to 4 GB per request and potentially starving other requests. This vulnerability is described as occurring in QEM...
CVE-2018-10862
WildFly Core before 6.0.0.Alpha3 is vulnerable due to insufficient validation of file paths in .war archives, enabling crafted archives to overwrite arbitrary files (Zip Slip). The issue is confirmed by linked advisories (GHSA-W8R2-5J8X-X8J6) and Red Hat security notes referencing CVE-2018-10862....
CVE-2009-3080
CVE-2009-3080 affects the Linux kernel gdth driver (gdth_read_event in drivers/scsi/gdth.c). In kernels before 2.6.32-rc8, a negative event index in an IOCTL can allow local users to cause a denial of service or potentially gain privileges. MiracleLinux advisories cite this CVE as part of affecte...
CVE-2018-1059
The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...
CVE-2014-3467
GNUTLS/library libtasn1 vulnerability CVE-2014-3467 is due to multiple issues in the DER decoder of GNU Libtasn1 up to version 3.5.x (pre-3.6), exploited by crafted ASN.1 data to cause a denial of service via out-of-bounds read. The issue is confirmed in multiple advisories (F5 SOL15423, ALAS-201...
CVE-2019-14850
CVE-2019-14850 affects nbdkit versions 1.12.7, 1.14.1, and 1.15.1, where a remote attacker can cause DoS by opening a connection that triggers extensive work initializing backend plugins, leading to resource consumption and service degradation. The underlying cause is premature opening of back-en...
CVE-2015-7512
CVE-2015-7512 is a buffer overflow in the PC-Net II Ethernet controller emulation (hw/net/pcnet.c) of QEMU. The flaw occurs when handling packets for guests with a larger MTU, allowing a remote attacker to trigger a denial of service (guest OS crash) or potentially execute arbitrary code. Connect...
CVE-2013-4344
CVE-2013-4344 is a buffer overflow in QEMU’s SCSI REPORT LUNS handling when a SCSI controller has more than 256 LUNs. A privileged guest user could corrupt the host QEMU process memory and potentially execute arbitrary code on the host. Affected components: QEMU/KVM user-space (qemu-kvm and relat...
CVE-2016-2857
CVE-2016-2857 is a QEMU vulnerability in the IP checksum routines: the net_checksum_calculate function in net/checksum.c permits local (guest) users to trigger an out-of-bounds heap read, crashing the QEMU process via a crafted packet payload length. Multiple Nessus/MIRACLE-Linux advisories refer...
CVE-2014-7840
The CVE-2014-7840 entry concerns QEMU: during RAM loading in migration, the host_from_stream_offset function in arch_init.c accepts crafted savevm data offset/length values, enabling a remote attacker to execute arbitrary code. The vulnerability affects the RAM-load path of migration, with the de...
CVE-2016-5126
Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...
CVE-2016-8669
CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...
CVE-2014-3615
CVE-2014-3615 concerns the VGA emulator in QEMU. The issue allows a privileged guest (local to the host) to read host memory by setting the display to a high resolution, due to a memory-access flaw in VGA emulation. Public context in connected advisories confirms this was addressed by backporting...
CVE-2016-9907
The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...
CVE-2014-7815
CVE-2014-7815 affects the QEMU component: the function set_pixel_format in ui/vnc.c can be triggered remotely to crash the QEMU process (DoS) by sending a small value for bytes_per_pixel. The vulnerability is explicitly documented in multiple advisories and patches were issued in openSUSE/SUSE se...