Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2017
CVE-2017-5552
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-03-15
CVE-2017-5578
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-03-15
CVE-2017-5579
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-03-15
CVE-2017-5580
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
CVSS Score
7.1
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6189
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
CVSS Score
7.3
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
CVSS Score
5.0
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
CVSS Score
7.3
EPSS Score
0.002
Published
2017-03-15
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
CVSS Score
5.0
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVSS Score
5.0
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6505
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved