Skip to main content
CVE-2016-9188 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Moodle
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-8668 MEDIUM PATCH This Month

The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Buffer Overflow Qemu Leap
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8576 MEDIUM PATCH This Month

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Qemu Leap Openstack Virtualization +1
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8578 MEDIUM PATCH This Month

The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Leap Debian Linux
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8577 MEDIUM PATCH This Month

Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux Leap
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8910 MEDIUM PATCH This Month

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux Leap Openstack +1
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8669 MEDIUM PATCH This Month

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Leap Openstack Virtualization +1
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8667 MEDIUM PATCH This Month

The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Leap Debian Linux
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2016-8909 MEDIUM PATCH This Month

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Intel Qemu Debian Linux Leap +2
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2016-9189 MEDIUM PATCH This Month

Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Pillow Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-9185 MEDIUM This Month

In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Heat
NVD
CVSS 3.0
4.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy