CVE-2016-9914
- EPSS 0.43%
- Veröffentlicht 29.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.
CVE-2016-9915
- EPSS 0.44%
- Veröffentlicht 29.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle back...
CVE-2016-9916
- EPSS 0.44%
- Veröffentlicht 29.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backen...
CVE-2016-7966
- EPSS 2.35%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which gre...
CVE-2016-8707
- EPSS 3.65%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code ex...
CVE-2016-9907
- EPSS 0.41%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memo...
CVE-2016-9911
- EPSS 0.37%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in ...
CVE-2016-9921
- EPSS 0.39%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw ...
CVE-2013-1430
- EPSS 1.33%
- Veröffentlicht 16.12.2016 09:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a know...
CVE-2016-9964
- EPSS 1.76%
- Veröffentlicht 16.12.2016 09:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.