{"vulnerability": "CVE-2020-14364", "sightings": [{"uuid": "fe839476-1ce8-4a44-aad9-c83538ca82ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14364", "type": "seen", "source": "https://t.me/arpsyndicate/1971", "content": "#ExploitObserverAlert\n\nCVE-2020-14364\n\nDESCRIPTION: Exploit Observer has 25 entries related to CVE-2020-14364. An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.\n\nFIRST-EPSS: 0.000470000\nNVD-IS: 3.7\nNVD-ES: 0.8", "creation_timestamp": "2023-12-18T11:20:57.000000Z"}]}