| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3456 | 7.7 |
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
|
22-04-2019 - 17:48 | 13-05-2015 - 18:59 | |
| CVE-2015-8567 | 6.8 |
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
|
30-10-2018 - 16:27 | 13-04-2017 - 17:59 | |
| CVE-2015-8666 | 1.9 |
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.
|
07-09-2018 - 10:29 | 11-04-2017 - 19:59 | |
| CVE-2015-7512 | 6.8 |
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
|
05-01-2018 - 02:30 | 08-01-2016 - 21:59 | |
| CVE-2015-7504 | 4.6 |
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
|
05-01-2018 - 02:30 | 16-10-2017 - 20:29 | |
| CVE-2015-5279 | 7.2 |
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
|
28-12-2017 - 02:29 | 28-09-2015 - 16:59 | |
| CVE-2015-7549 | 2.1 |
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
|
21-11-2017 - 15:31 | 30-10-2017 - 14:29 | |
| CVE-2016-1568 | 9.3 |
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ)
|
04-11-2017 - 01:29 | 12-04-2016 - 02:00 | |
| CVE-2015-8745 | 2.1 |
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the
|
04-11-2017 - 01:29 | 29-12-2016 - 22:59 | |
| CVE-2015-8744 | 2.1 |
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to c
|
04-11-2017 - 01:29 | 29-12-2016 - 22:59 | |
| CVE-2015-8743 | 3.6 |
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corru
|
04-11-2017 - 01:29 | 29-12-2016 - 22:59 | |
| CVE-2015-8568 | 4.7 |
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
|
04-11-2017 - 01:29 | 11-04-2017 - 19:59 | |
| CVE-2015-8558 | 4.9 |
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
|
04-11-2017 - 01:29 | 23-05-2016 - 19:59 | |
| CVE-2015-8504 | 3.5 |
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
|
04-11-2017 - 01:29 | 11-04-2017 - 19:59 | |
| CVE-2015-8345 | 2.1 |
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
|
04-11-2017 - 01:29 | 13-04-2017 - 17:59 | |
| CVE-2015-7295 | 5.0 |
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on th
|
04-11-2017 - 01:29 | 09-11-2015 - 16:59 | |
| CVE-2015-5225 | 7.2 |
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via
|
04-11-2017 - 01:29 | 06-11-2015 - 21:59 | |
| CVE-2015-8701 | 2.1 |
QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRA
|
01-07-2017 - 01:29 | 29-12-2016 - 22:59 | |
| CVE-2015-6855 | 10.0 |
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_
|
01-07-2017 - 01:29 | 06-11-2015 - 21:59 | |
| CVE-2015-1779 | 7.8 |
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
|
01-07-2017 - 01:29 | 12-01-2016 - 19:59 | |
| CVE-2015-8556 | 10.0 |
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
|
27-03-2017 - 19:15 | 24-03-2017 - 14:59 |