| Max CVSS | 9.3 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-5165 | 9.3 |
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
|
13-02-2023 - 00:50 | 12-08-2015 - 14:59 | |
| CVE-2015-5154 | 7.2 |
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
|
13-02-2023 - 00:50 | 12-08-2015 - 14:59 | |
| CVE-2015-1779 | 7.8 |
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
|
13-02-2023 - 00:46 | 12-01-2016 - 19:59 | |
| CVE-2014-8106 | 4.6 |
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for
|
13-02-2023 - 00:42 | 08-12-2014 - 16:59 | |
| CVE-2015-3456 | 7.7 |
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
|
17-11-2021 - 22:15 | 13-05-2015 - 18:59 |