Search CVE reports
1 – 5 of 5 results
CVE-2019-15678
Medium prioritySome fixes available 1 of 117
TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.
11 affected packages
bochs, directvnc, libvncserver, ssvnc, tightvnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
directvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libvncserver | Not affected | Not affected | Not affected | Not affected | Not affected |
ssvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Not affected | Not affected | Not affected | Not affected | Not affected |
vlc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
vncsnapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
x2vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-15890
Low prioritySome fixes available 14 of 130
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
20 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
ns3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
redboot-imx | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-hwe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-lts-vivid | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-wily | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-14378
Low prioritySome fixes available 14 of 87
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
13 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2007-2894
Unknown priorityThe emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.
1 affected packages
bochs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bochs | — | — | — | — | — |
CVE-2007-2893
Medium prioritySome fixes available 5 of 13
Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges...
4 affected packages
bochs, kvm, qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bochs | — | — | — | — | — |
kvm | — | — | — | — | — |
qemu | — | — | — | — | — |
qemu-kvm | — | — | — | — | — |