Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-8745 2.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the
13-02-2023 - 00:55 29-12-2016 - 22:59
CVE-2015-8744 2.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to c
13-02-2023 - 00:55 29-12-2016 - 22:59
CVE-2015-8504 3.5
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
13-02-2023 - 00:55 11-04-2017 - 19:59
CVE-2015-7549 2.1
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
13-02-2023 - 00:54 30-10-2017 - 14:29
CVE-2015-7512 6.8
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
13-02-2023 - 00:54 08-01-2016 - 21:59
CVE-2015-7504 4.6
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
13-02-2023 - 00:53 16-10-2017 - 20:29
CVE-2015-5279 7.2
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
13-02-2023 - 00:52 28-09-2015 - 16:59
CVE-2015-5225 7.2
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via
13-02-2023 - 00:52 06-11-2015 - 21:59
CVE-2015-1779 7.8
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
13-02-2023 - 00:46 12-01-2016 - 19:59
CVE-2016-1568 6.9
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ)
12-02-2023 - 23:16 12-04-2016 - 02:00
CVE-2015-8666 3.3
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.
12-02-2023 - 23:15 11-04-2017 - 19:59
CVE-2015-8558 4.9
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
12-02-2023 - 23:15 23-05-2016 - 19:59
CVE-2015-6855 5.0
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_
15-12-2021 - 17:05 06-11-2015 - 21:59
CVE-2015-3456 7.7
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
17-11-2021 - 22:15 13-05-2015 - 18:59
CVE-2015-8345 2.1
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
14-12-2020 - 19:45 13-04-2017 - 17:59
CVE-2015-8701 2.1
QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRA
10-11-2020 - 18:53 29-12-2016 - 22:59
CVE-2015-8743 3.6
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corru
29-10-2020 - 17:25 29-12-2016 - 22:59
CVE-2015-8568 4.7
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
10-09-2020 - 17:42 11-04-2017 - 19:59
CVE-2015-7295 5.0
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on th
09-09-2020 - 15:14 09-11-2015 - 16:59
CVE-2015-8567 6.8
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
09-09-2020 - 15:12 13-04-2017 - 17:59
CVE-2015-8556 10.0
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
27-03-2017 - 19:15 24-03-2017 - 14:59
Back to Top Mark selected
Back to Top