exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-11234

около 2 месяцев назад

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-11234

около 2 месяцев назад

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-11234

около 1 месяца назад

Qemu-kvm: vnc websocket handshake use-after-free

EPSS: Низкий

CVE-2025-11234

около 2 месяцев назад

A flaw was found in QEMU. If the QIOChannelWebsock object is freed whi ...

CVSS3: 7.5

EPSS: Низкий

GHSA-hm8v-8c3v-cxfq

около 2 месяцев назад

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.	CVSS3: 7.5	0% Низкий	около 2 месяцев назад
CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.	CVSS3: 7.5	0% Низкий	около 2 месяцев назад
CVE-2025-11234 Qemu-kvm: vnc websocket handshake use-after-free		0% Низкий	около 1 месяца назад
CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed whi ...	CVSS3: 7.5	0% Низкий	около 2 месяцев назад
GHSA-hm8v-8c3v-cxfq A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.	CVSS3: 7.5	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу