Max CVSS 8.3 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-0222 7.5
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
02-11-2020 - 14:39 04-11-2014 - 21:55
CVE-2014-0223 4.6
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read
02-11-2020 - 14:39 04-11-2014 - 21:55
CVE-2014-3615 2.1
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
11-08-2020 - 15:49 01-11-2014 - 23:55
CVE-2014-7206 3.6
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
08-01-2020 - 15:22 15-10-2014 - 14:55
CVE-2014-0143 4.4
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bo
22-04-2019 - 17:48 10-08-2017 - 15:29
CVE-2014-7154 6.1
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
30-10-2018 - 16:27 02-10-2014 - 14:55
CVE-2014-7155 5.8
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges
30-10-2018 - 16:27 02-10-2014 - 14:55
CVE-2014-7188 8.3
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other gues
30-10-2018 - 16:26 02-10-2014 - 14:55
CVE-2014-7156 3.3
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of servi
30-10-2018 - 16:26 02-10-2014 - 14:55
CVE-2014-3640 2.1
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized s
04-11-2017 - 01:29 07-11-2014 - 19:55
CVE-2014-0146 1.9
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapsh
04-11-2017 - 01:29 10-08-2017 - 15:29
CVE-2014-0145 4.6
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/q
04-11-2017 - 01:29 10-08-2017 - 15:29
CVE-2014-0142 2.1
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function
04-11-2017 - 01:29 10-08-2017 - 15:29
CVE-2003-0188 7.2
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
11-10-2017 - 01:29 09-06-2003 - 04:00
CVE-2013-2072 7.4
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) a
31-12-2016 - 02:59 28-08-2013 - 21:55
CVE-2014-3683 5.0
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix fo
18-10-2016 - 03:44 02-11-2014 - 00:55
CVE-2014-3634 7.5
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an
18-10-2016 - 03:44 02-11-2014 - 00:55
CVE-2014-7204 5.0
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
30-08-2016 - 14:10 07-10-2014 - 14:55
CVE-2014-7295 3.5
The (1) Special:Preferences and (2) Special:UserLogin pages in MediaWiki before 1.19.20, 1.22.x before 1.22.12 and 1.23.x before 1.23.5 allows remote authenticated users to conduct cross-site scripting (XSS) attacks or have unspecified other impact v
06-08-2015 - 16:28 07-10-2014 - 14:55
CVE-2014-6424 5.0
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a den
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6432 5.0
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6422 5.0
The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6430 5.0
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application c
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6431 5.0
Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6429 5.0
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (ap
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6427 5.0
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6428 5.0
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application
05-11-2014 - 08:28 20-09-2014 - 10:55
CVE-2014-6423 5.0
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
05-11-2014 - 08:28 20-09-2014 - 10:55
Back to Top Mark selected
Back to Top