Max CVSS 7.5 Min CVSS 1.9 Total Count32
IDCVSSSummaryLast (major) updatePublished
CVE-2014-0146 1.9
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapsh
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0145 4.6
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/q
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0143 4.4
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bo
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-0142 2.1
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function
10-08-2017 - 11:29 10-08-2017 - 11:29
CVE-2014-3615 2.1
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
02-01-2017 - 21:59 01-11-2014 - 19:55
CVE-2014-7815 5.0
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
07-12-2016 - 22:06 14-11-2014 - 10:59
CVE-2014-0222 7.5
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
06-12-2016 - 22:00 04-11-2014 - 16:55
CVE-2014-0223 4.6
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read
28-11-2016 - 14:10 04-11-2014 - 16:55
CVE-2014-3640 2.1
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized s
31-08-2016 - 10:53 07-11-2014 - 14:55
CVE-2013-4540 7.5
Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
20-11-2015 - 10:50 04-11-2014 - 16:55
CVE-2014-5263 6.8
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain p
18-11-2014 - 22:02 26-08-2014 - 10:55
CVE-2014-3689 7.2
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
14-11-2014 - 12:05 14-11-2014 - 10:59
CVE-2014-3461 6.8
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
05-11-2014 - 13:50 04-11-2014 - 16:55
CVE-2013-4150 7.5
The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_que
05-11-2014 - 11:26 04-11-2014 - 16:55
CVE-2013-4149 7.5
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
05-11-2014 - 11:24 04-11-2014 - 16:55
CVE-2013-4537 7.5
The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.
05-11-2014 - 10:42 04-11-2014 - 16:55
CVE-2013-4538 7.5
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) co
05-11-2014 - 10:41 04-11-2014 - 16:55
CVE-2013-4539 7.5
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a save
05-11-2014 - 10:40 04-11-2014 - 16:55
CVE-2013-4541 7.5
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.
05-11-2014 - 10:36 04-11-2014 - 16:55
CVE-2013-4542 7.5
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
05-11-2014 - 10:34 04-11-2014 - 16:55
CVE-2013-6399 7.5
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
05-11-2014 - 10:32 04-11-2014 - 16:55
CVE-2014-0182 7.5
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
05-11-2014 - 10:28 04-11-2014 - 16:55
CVE-2013-4531 7.5
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
05-11-2014 - 10:18 04-11-2014 - 16:55
CVE-2013-4533 7.5
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
05-11-2014 - 10:16 04-11-2014 - 16:55
CVE-2013-4534 7.5
Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.
05-11-2014 - 10:15 04-11-2014 - 16:55
CVE-2013-4148 7.5
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
05-11-2014 - 10:12 04-11-2014 - 16:55
CVE-2013-4530 7.5
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
05-11-2014 - 10:03 04-11-2014 - 16:55
CVE-2013-4529 7.5
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
05-11-2014 - 10:00 04-11-2014 - 16:55
CVE-2013-4526 7.5
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
05-11-2014 - 09:57 04-11-2014 - 16:55
CVE-2013-4527 7.5
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
05-11-2014 - 09:56 04-11-2014 - 16:55
CVE-2013-4151 7.5
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
05-11-2014 - 09:28 04-11-2014 - 16:55
CVE-2014-0150 4.9
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
10-05-2014 - 00:01 18-04-2014 - 10:55
Back to Top Mark selected
Back to Top