CVE-2013-4344
- EPSS 0.43%
- Veröffentlicht 04.10.2013 17:55:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
CVE-2013-2007
- EPSS 0.38%
- Veröffentlicht 21.05.2013 18:55:02
- Zuletzt bearbeitet 29.04.2026 01:13:23
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
CVE-2012-6075
- EPSS 4.9%
- Veröffentlicht 13.02.2013 01:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly ex...
CVE-2012-3515
- EPSS 0.53%
- Veröffentlicht 23.11.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:23
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device mode...
CVE-2012-2652
- EPSS 0.34%
- Veröffentlicht 07.08.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:41:48
The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.
CVE-2011-1751
- EPSS 0.75%
- Veröffentlicht 21.06.2012 15:55:09
- Zuletzt bearbeitet 16.06.2026 23:29:57
The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest c...
CVE-2011-2212
- EPSS 0.71%
- Veröffentlicht 21.06.2012 15:55:09
- Zuletzt bearbeitet 16.06.2026 23:30:56
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
CVE-2011-2527
- EPSS 0.44%
- Veröffentlicht 21.06.2012 15:55:09
- Zuletzt bearbeitet 16.06.2026 23:31:31
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
CVE-2011-1750
- EPSS 0.72%
- Veröffentlicht 21.06.2012 15:55:08
- Zuletzt bearbeitet 16.06.2026 23:29:57
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write ...
CVE-2011-0011
- EPSS 1.31%
- Veröffentlicht 21.06.2012 15:55:05
- Zuletzt bearbeitet 16.06.2026 23:26:36
qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.