| Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4539 | 7.2 |
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap over
|
14-05-2021 - 18:37 | 29-12-2008 - 15:24 | |
| CVE-2008-1945 | 2.1 |
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different for
|
16-12-2020 - 00:34 | 08-08-2008 - 19:41 | |
| CVE-2008-2382 | 5.0 |
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
|
02-11-2020 - 14:39 | 24-12-2008 - 18:29 | |
| CVE-2008-2004 | 4.9 |
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the gue
|
29-09-2017 - 01:30 | 12-05-2008 - 22:20 | |
| CVE-2008-5714 | 7.8 |
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
|
08-08-2017 - 01:33 | 24-12-2008 - 18:29 |