Skip to main content
CVE-2020-13361 LOW PATCH Monitor

In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an. Rated low severity (CVSS 3.9). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Qemu Debian Linux Leap +1
NVD
CVSS 3.1
3.9
EPSS
0.4%
CVE-2020-13362 LOW PATCH Monitor

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Qemu Debian Linux Leap +1
NVD
CVSS 3.1
3.2
EPSS
0.4%
CVE-2020-4248 LOW Monitor

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Security Identity Governance And Intelligence
NVD
CVSS 3.1
2.7
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy