Ubuntu_linux - Vulncode-DB

Date	Id	Summary	Products	Score
2018-12-20	CVE-2018-20126	hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.	Ubuntu_linux, Leap, Qemu	N/A
2018-12-20	CVE-2018-20125	hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.	Ubuntu_linux, Qemu	N/A
2018-12-20	CVE-2018-20124	hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.	Ubuntu_linux, Qemu	N/A
2018-11-02	CVE-2018-16847	An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.	Ubuntu_linux, Qemu	N/A
2018-04-23	CVE-2017-17833	OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.	Ubuntu_linux, Debian_linux, Bm_nextscale_fan_power_controller, Cmm, Fan_power_controller, Flex_system_fc3171_8gb_san_switch_firmware, Imm1, Imm2, Storage_n3310_firmware, Storage_n4610_firmware, Thinkserver_rd340_firmware, Thinkserver_rd350_firmware, Thinkserver_rd350g_firmware, Thinkserver_rd350x_firmware, Thinkserver_rd440_firmware, Thinkserver_rd450_firmware, Thinkserver_rd450x_firmware, Thinkserver_rd540_firmware, Thinkserver_rd550_firmware, Thinkserver_rd640_firmware, Thinkserver_rd650_firmware, Thinkserver_rq750_firmware, Thinkserver_rs160_firmware, Thinkserver_sd350_firmware, Thinkserver_td340_firmware, Thinkserver_td350_firmware, Thinkserver_ts460_firmware, Thinksystem_hr630x_firmware, Thinksystem_hr650x_firmware, Thinksystem_sr630_firmware, Xclarity_administrator, Openslp, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	9.8
2016-06-01	CVE-2016-4454	The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.	Ubuntu_linux, Debian_linux, Qemu	N/A
2016-06-01	CVE-2016-4453	The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.	Ubuntu_linux, Debian_linux, Qemu	N/A
2016-05-20	CVE-2016-4441	The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.	Ubuntu_linux, Debian_linux, Qemu	N/A
2016-05-20	CVE-2016-4439	The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.	Ubuntu_linux, Debian_linux, Qemu	N/A
2014-12-03	CVE-2014-8104	OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.	Ubuntu_linux, Debian_linux, Mageia, Opensuse, Openvpn, Openvpn_access_server	N/A

Product: Ubuntu_linux (Canonical)

Product:
Ubuntu_linux
(Canonical)