Skip to main content
CVE-2016-4020 MEDIUM PATCH This Month

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Debian Linux Openstack +7
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2014-3672 MEDIUM This Month

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Libvirt Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-4575 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Huawei Ath Firmware Ath Rio Firmware +3
NVD
CVSS 3.0
6.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy