VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2015-8613MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.00

    Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.

  • CVE-2015-8568MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.

  • CVE-2015-8504MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.03

    Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.

  • CVE-2016-10149HigMar 24, 2017
    risk 0.42cvss 7.5epss 0.04

    XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.

  • CVE-2017-5856MedMar 16, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over…

  • CVE-2017-5667MedMar 16, 2017
    risk 0.42cvss 6.5epss 0.00

    The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data…

  • CVE-2017-5579MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5526MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5525MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2016-10197HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.05

    The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.

  • CVE-2016-10196HigMar 15, 2017
    risk 0.42cvss 7.5epss 0.05

    Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

  • CVE-2016-7798HigJan 30, 2017
    risk 0.42cvss 7.5epss 0.03

    The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.

  • CVE-2017-3258MedJan 27, 2017
    risk 0.42cvss 6.5epss 0.03

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access…

  • CVE-2017-3257MedJan 27, 2017
    risk 0.42cvss 6.5epss 0.03

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols…

  • CVE-2016-10159HigJan 24, 2017
    risk 0.42cvss 7.5epss 0.08

    Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.

  • CVE-2016-9916MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

  • CVE-2016-9915MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.

  • CVE-2016-9914MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.

  • CVE-2016-9921MedDec 23, 2016
    risk 0.42cvss 6.5epss 0.00

    Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process…

  • CVE-2016-9911MedDec 23, 2016
    risk 0.42cvss 6.5epss 0.00

    Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

Page 59 of 151