Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leads vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
Qemu Qemu
5.5
CVSSv3
CVE-2018-19364
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
Qemu Qemu
Qemu Qemu 3.1.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Opensuse Leap 42.3
4.7
CVSSv3
CVE-2018-19489
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
Qemu Qemu
Qemu Qemu 3.1.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
5.5
CVSSv3
CVE-2018-18849
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
Qemu Qemu 3.0.0
Opensuse Leap 42.3
Opensuse Leap 15.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
5.5
CVSSv3
CVE-2018-18954
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu prior to 3.1 allows out-of-bounds write or read access to PowerNV memory.
Qemu Qemu
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
9.8
CVSSv3
CVE-2018-17963
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows malicious users to cause a denial of service or possibly have unspecified other impact.
Qemu Qemu
Qemu Qemu 3.1.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
7.5
CVSSv3
CVE-2018-12617
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploit...
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-16944
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote malicious users to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the en...
Exim Exim 4.88
Exim Exim 4.89
Debian Debian Linux 9.0
1 EDB exploit
1 Github repository
1 Article
NA
CVE-2010-0842
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was...
Sun Jre 1.6.0
Sun Jre
Sun Jdk 1.6.0
Sun Jdk
Sun Jdk 1.5.0
Sun Sdk 1.4.2
Sun Sdk 1.4.2 14
Sun Sdk 1.4.2 15
Sun Sdk 1.4.2 6
Sun Sdk 1.4.2 7
Sun Sdk 1.4.2 24
Sun Sdk
Sun Sdk 1.4.2 02
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 16
Sun Sdk 1.4.2 17
Sun Sdk 1.4.2 8
Sun Sdk 1.4.2 9
Sun Sdk 1.4.2 12
Sun Sdk 1.4.2 13
Sun Sdk 1.4.2 4
Sun Sdk 1.4.2 5
1 EDB exploit
2 Articles
7.5
CVSSv3
CVE-2018-17958
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »