VIR Vulnerability Intelligence Relay

Search

Found 213 results in 60ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2011-3346 medium 4.0 rhel qemu 12y ago Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest c…
CVE-2011-4111 medium 6.8 FIX rheldebian debian qemu 12y ago Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) an…
CVE-2013-4344 high 7.2 FIX slesubuntu ubuntu rhel qemuredhat 13y ago Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a R…
CVE-2013-2007 medium 6.9 FIX debian debian qemu 13y ago The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
CVE-2012-6075 critical 9.3 FIX ubuntu ubuntu rhelsuse suse qemuredhat 14y ago Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a…
CVE-2012-3515 high 7.2 FIX suse suse rheldebian debian qemuredhat 14y ago Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 seq…
CVE-2012-2652 medium 4.4 FIX debian debian qemu 14y ago The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink att…
CVE-2011-2212 high 7.4 qemu 14y ago Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor re…
CVE-2011-1751 high 7.4 qemu 14y ago The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privilege…
CVE-2011-1750 high 7.4 qemu 14y ago Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via …
CVE-2011-0011 medium 4.3 qemu 14y ago qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.
CVE-2010-0741 high 7.8 linux-kernel kvm_qumranetqemu 16y ago The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remot…
CVE-2010-0297 high 7.2 qemu 17y ago Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest O…