CVE-2010-0297
- EPSS 0.52%
- Veröffentlicht 12.02.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:15:53
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code...
CVE-2009-3616
- EPSS 3.88%
- Veröffentlicht 23.10.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:01
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data tr...
CVE-2008-4539
- EPSS 0.54%
- Veröffentlicht 29.12.2008 15:24:23
- Zuletzt bearbeitet 16.06.2026 22:58:01
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap over...
- EPSS 6.62%
- Veröffentlicht 24.12.2008 18:29:15
- Zuletzt bearbeitet 16.06.2026 22:53:40
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
CVE-2008-5714
- EPSS 2.11%
- Veröffentlicht 24.12.2008 18:29:15
- Zuletzt bearbeitet 16.06.2026 23:00:51
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
CVE-2008-4553
- EPSS 0.49%
- Veröffentlicht 15.10.2008 20:07:42
- Zuletzt bearbeitet 16.06.2026 22:58:03
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
CVE-2008-1945
- EPSS 0.47%
- Veröffentlicht 08.08.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:52:48
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different for...
CVE-2008-2004
- EPSS 0.51%
- Veröffentlicht 12.05.2008 22:20:00
- Zuletzt bearbeitet 16.06.2026 22:52:55
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the gue...
CVE-2008-0928
- EPSS 0.37%
- Veröffentlicht 03.03.2008 22:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:37
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
CVE-2007-6227
- EPSS 0.71%
- Veröffentlicht 04.12.2007 18:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:38
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as dem...