| Max CVSS | 9.3 | Min CVSS | 4.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-5165 | 9.3 |
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
|
13-02-2023 - 00:50 | 12-08-2015 - 14:59 | |
| CVE-2015-5154 | 7.2 |
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
|
13-02-2023 - 00:50 | 12-08-2015 - 14:59 | |
| CVE-2015-3209 | 7.5 |
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
|
13-02-2023 - 00:48 | 15-06-2015 - 15:59 | |
| CVE-2015-4164 | 4.9 |
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.
|
30-10-2018 - 16:26 | 15-06-2015 - 15:59 |