VIR Vulnerability Intelligence Relay

Search

Found 14 results in 21ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-16845 critical 10.0 10.0 FIX slesdebian debianubuntu ubuntu qemu 9y ago hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
CVE-2017-8380 critical 9.8 9.8 FIX slesdebian debian qemu 9y ago Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2015-8556 critical 10.0 10.0 EXPFIX slesdebian debian qemu 9y ago Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
CVE-2016-9908 low 3.3 3.3 FIX slesdebian debian qemu 10y ago Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest use…
CVE-2016-7161 critical 9.8 9.8 FIX slesdebian debian qemu 10y ago Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
CVE-2016-4002 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu qemu 10y ago Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory cor…
CVE-2015-7512 critical 9.0 9.0 FIX rheldebian debian qemuredhat 11y ago Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary …
CVE-2015-4037 low 1.9 FIX debian debian qemu 11y ago The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creati…
CVE-2014-3640 low 2.1 FIX debian debianubuntu ubuntu rhel qemu 12y ago The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and a…
CVE-2014-3615 low 2.1 FIX slesdebian debiansuse suse qemuredhat 12y ago The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2013-4375 low 2.7 FIX debian debian qemu 13y ago The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) v…
CVE-2013-4377 low 2.3 FIX debian debian qemu 13y ago Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
CVE-2012-6075 critical 9.3 FIX ubuntu ubuntu rhelsuse suse qemuredhat 14y ago Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a…
CVE-2011-2527 low 2.1 qemu 14y ago The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted fi…