CVE-2014-8106
- EPSS 0.18%
- Published 08.12.2014 16:59:01
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for...
CVE-2014-5388
- EPSS 0.11%
- Published 15.11.2014 21:59:05
- Last modified 12.04.2025 10:46:40
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corr...
- EPSS 5.23%
- Published 14.11.2014 15:59:01
- Last modified 12.04.2025 10:46:40
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVE-2014-3689
- EPSS 0.09%
- Published 14.11.2014 15:59:00
- Last modified 12.04.2025 10:46:40
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to QEMU memory locations and gain privileges via unspecified parameters related to rectangle handling.
CVE-2014-3640
- EPSS 0.05%
- Published 07.11.2014 19:55:02
- Last modified 12.04.2025 10:46:40
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a UDP packet with a value of 0 in the source port and address, which triggers access of an uninitialized s...
CVE-2013-4542
- EPSS 2.1%
- Published 04.11.2014 21:55:25
- Last modified 12.04.2025 10:46:40
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
CVE-2013-6399
- EPSS 1.54%
- Published 04.11.2014 21:55:25
- Last modified 12.04.2025 10:46:40
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
CVE-2014-0182
- EPSS 3.5%
- Published 04.11.2014 21:55:25
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
CVE-2014-0222
- EPSS 0.89%
- Published 04.11.2014 21:55:25
- Last modified 12.04.2025 10:46:40
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
CVE-2014-0223
- EPSS 0.09%
- Published 04.11.2014 21:55:25
- Last modified 12.04.2025 10:46:40
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read...