Max CVSS | 7.5 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-3640 | 2.1 |
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized s
|
13-02-2023 - 00:41 | 07-11-2014 - 19:55 | |
CVE-2014-0222 | 7.5 |
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
|
13-02-2023 - 00:37 | 04-11-2014 - 21:55 | |
CVE-2014-0223 | 4.6 |
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read
|
13-02-2023 - 00:37 | 04-11-2014 - 21:55 | |
CVE-2014-0146 | 1.9 |
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapsh
|
13-02-2023 - 00:32 | 10-08-2017 - 15:29 | |
CVE-2014-0143 | 4.4 |
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bo
|
13-02-2023 - 00:32 | 10-08-2017 - 15:29 | |
CVE-2014-0145 | 4.6 |
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/q
|
13-02-2023 - 00:32 | 10-08-2017 - 15:29 | |
CVE-2014-0142 | 2.1 |
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function
|
13-02-2023 - 00:32 | 10-08-2017 - 15:29 | |
CVE-2014-3615 | 2.1 |
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
|
11-08-2020 - 15:49 | 01-11-2014 - 23:55 |