Page 17 of 126 results (0.018 seconds)

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. La función intel_hda_xfer en hw/audio/intel-hda.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (bucle infinito y consumo de CPU) a través de una entrada con el mismo valor para la longitud del búfer y posición del puntero. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/24/1 http://www.openwall.com/lists/oss-security/2016/10/24/4 http://www.securityfocus.com/bid/93842 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html https://security. • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. La función rtl8139_cplus_transmit en hw/net/rtl8139.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (bucle infinito y consumo de CPU) aprovechando el fallo para limitar el recuento del descriptor del anillo. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/24/2 http://www.openwall.com/lists/oss-security/2016/10/24/5 http://www.securityfocus.com/bid/93844 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html https://security. • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.0EPSS: 0%CPEs: 11EXPL: 0

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base. La función serial_update_parameters en hw/char/serial.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (error de división por cero y caída del proceso QEMU) a través de vectores que involucran un valor de divisor mayor que la base baud. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3592fe0c919cf27a81d8e9f9b4f269553418bb01 http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/10/14/9 http://www.openwall.com/lists/oss-security/2016/10/15/5 http://www.securityfocus.com/bid/93563 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https:/&#x • CWE-369: Divide By Zero •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form. La vulnerabilidad XSS en la vista general de los "Shares" en Openstack Manila en versiones anteriores a 2.5.1 permite a usuarios no autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del campo Metadata en el formulario "Create Share". A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges. • http://rhn.redhat.com/errata/RHSA-2016-2115.html http://rhn.redhat.com/errata/RHSA-2016-2116.html http://rhn.redhat.com/errata/RHSA-2016-2117.html http://www.openwall.com/lists/oss-security/2016/09/15/7 http://www.securityfocus.com/bid/93001 https://bugs.launchpad.net/manila-ui/+bug/1597738 https://bugzilla.redhat.com/show_bug.cgi?id=1375147 https://access.redhat.com/security/cve/CVE-2016-6519 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.0EPSS: 0%CPEs: 10EXPL: 0

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. La función virtqueue_map_desc en hw/virtio/virtio.c en QEMU (también conocido como Quick Emulator) permite a administradores locales del SO invitado provocar una denegación de servicio (referencia a puntero NULL y caída del proceso QEMU) a través de un gran valor de longitud de búfer descriptor de I/O. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=973e7170dddefb491a48df5cba33b2ae151013a0 http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html http://www.openwall.com/lists/oss-security/2016/09/16/10 http://www.openwall.com/lists/oss-security/2016/09/16/4 http://www.securityfocus.com/bid/92996 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03546.html https:&# • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-476: NULL Pointer Dereference •