Page 45 of 404 results (0.019 seconds)

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes. Quick Emulator (Qemu) construido con el soporte de emulador Virtio GPU Device es vulnerable a un problema de fuga de información. Podría ocurrir mientras se procesa el comando 'VIRTIO_GPU_CMD_GET_CAPSET'. • http://www.openwall.com/lists/oss-security/2016/12/08/4 http://www.securityfocus.com/bid/94761 https://security.gentoo.org/glsa/201701-49 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS. Quick emulator (Qemu) construido con el soporte Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de división por cero. Podría ocurrir mientras se copian datos VGA cuando el modo de gráficos cirrus estaba configurado para ser VGA. • http://www.openwall.com/lists/oss-security/2016/12/09/1 http://www.securityfocus.com/bid/94803 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201701-49 https://access.redhat.com/security/cve/CVE-2016-9921 https://bugzilla.redhat.com/show_bug.cgi?id=1334398 • CWE-369: Divide By Zero •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host. Quick Emulator (Qemu) construido con el soporte de emulador Virtio GPU Device es vulnerable a un problema de fuga de memoria. Podría ocurrir mientras se destruye el objeto de recurso gpu en 'virtio_gpu_resource_destroy'. • http://www.openwall.com/lists/oss-security/2016/12/08/6 http://www.securityfocus.com/bid/94760 https://security.gentoo.org/glsa/201701-49 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS. Quick Emulator (Qemu) construido con el soporte backend 'chardev' es vulnerable a un problema de uso después de liberación. Podría ocurrir mientras el dispositivo se conecta en caliente y se desenchufa en el huésped. • http://www.openwall.com/lists/oss-security/2016/12/09/2 http://www.securityfocus.com/bid/94827 https://security.gentoo.org/glsa/201701-49 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Quick Emulator (Qemu) construido con el soporte del USB redirector usb-guest es vulnerable a una falla de fuga de memoria. Podría ocurrir mientras se destruye el redirector USB en 'usbredir_handle_destroy'. • http://www.openwall.com/lists/oss-security/2016/12/08/3 http://www.securityfocus.com/bid/94759 https://access.redhat.com/errata/RHSA-2017:2392 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://security.gentoo.org/glsa/201701-49 https://access.redhat.com/security/cve/CVE-2016-9907 https://bugzilla.redhat.com/show_bug.cgi?id=1402265 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') CWE-772: Missing Release of Resource after Effective Lifetime •