Page 35 of 185 results (0.016 seconds)

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

CVE-2015-5225 – Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface

https://notcve.org/view.php?id=CVE-2015-5225

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface. Desbordamiento de buffer en la función vnc_refresh_server_surface en el controlador de pantalla VNC en QEMU en versiones anteriores a 2.4.0.1 permite a usuarios invitados provocar una denegación de servicio (corrupción de memoria dinámica y caída de proceso) o posiblemente ejecutar código arbitrario en el host a través de vectores no especificados, relacionado con la actualización de la superficie mostrada en el servidor. A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface() routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process instance, or to potentially use it to execute arbitrary code on the host. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165484.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166798.html http://rhn.redhat.com/errata/RHSA-2015-1772.html http://rhn.redhat.com/errata/RHSA-2015-1837.html http://www.debian.org/security/2015/dsa-3348 http://www.openwall.com/lists/oss-security/2015/08/21/6 http://www.securityfocus.com/bid/76506 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 4.3EPSS: 0%CPEs: 78EXPL: 0

CVE-2015-6665

https://notcve.org/view.php?id=CVE-2015-6665

Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag. Vulnerabilidad de XSS en el manejador Ajax en Drupal 7.x en versiones anteriores a la 7.39 y el módulo Ctools 6.x-1.x en versiones anteriores a 6.x-1.14 para Drupal, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores implicando un elemento HTML en la lista blanca, posiblemente relacionado con la etiqueta 'a'. • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165674.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165695.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html http://lists.fedoraproject& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0

CVE-2015-6524

https://notcve.org/view.php?id=CVE-2015-6524

The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types. La implementación de LDAPLoginModule en el Java Authentication y Authorization Service (JAAS) en Apache ActiveMQ 5.x en versiones anteriores a 5.10.1 permite operadores comodín en nombres de usuario, lo que permite a atacantes remotos obtener credenciales a través de un ataque de fuerza bruta. NOTA: este identificador fue SEPARADO de CVE-2014-3612 por ADT2 debido a diferentes tipos de vulnerabilidad. • http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168651.html • CWE-255: Credentials Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0

CVE-2015-5154 – qemu: ide: atapi: heap overflow during I/O buffer memory access

https://notcve.org/view.php?id=CVE-2015-5154

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. Desbordamiento del buffer basado en memoria dinámica en el subsistema IDE en QEMU, usado en Xen 4.5.x y versiones anteriores, cuando el contenedor tiene una unidad CDROM habilitada, permite a usuarios invitados locales ejecutar código arbitrario en el host a través de comandos ATAPI no especificados. A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest. • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163658.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163681.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00017.html http://lists.opensuse.org/opensuse-security-annou • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2015-5146

https://notcve.org/view.php?id=CVE-2015-5146

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. ntpd en ntp en versiones anteriores a la 4.2.8p3 con la configuración remota habilitada permite que usuarios remotos autenticados que conozcan la contraseña de configuración y acceso a un ordenador asignado para realizar configuraciones remotas provoquen una denegación de servicio (bloque de servicio) mediante un byte NULL en una directiva de paquete de configuración manipulada. • http://bugs.ntp.org/show_bug.cgi?id=2853 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.debian.org/security/2015/dsa-3388 http://www.securityfocus.com/bid/75589 http://www.securitytracker.com/ • CWE-20: Improper Input Validation •