CVE-2016-2178
- EPSS 1.17%
- Veröffentlicht 20.06.2016 01:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
CVE-2016-5300
- EPSS 6.54%
- Veröffentlicht 16.06.2016 18:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists beca...
- EPSS 0.39%
- Veröffentlicht 16.06.2016 18:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTO...
CVE-2016-2392
- EPSS 0.4%
- Veröffentlicht 16.06.2016 18:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer de...
- EPSS 0.4%
- Veröffentlicht 16.06.2016 18:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
CVE-2012-6702
- EPSS 2.37%
- Veröffentlicht 16.06.2016 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
CVE-2016-5338
- EPSS 0.5%
- Veröffentlicht 14.06.2016 14:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information tran...
CVE-2016-5337
- EPSS 0.43%
- Veröffentlicht 14.06.2016 14:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
CVE-2016-5238
- EPSS 0.42%
- Veröffentlicht 14.06.2016 14:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
CVE-2016-4579
- EPSS 3.21%
- Veröffentlicht 13.06.2016 19:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."