Total
392 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6227 | 1 Qemu | 1 Qemu | 2018-10-15 | 7.2 HIGH | N/A |
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com. | |||||
CVE-2017-15038 | 1 Qemu | 1 Qemu | 2018-09-07 | 1.9 LOW | 5.6 MEDIUM |
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. | |||||
CVE-2014-3471 | 1 Qemu | 1 Qemu | 2018-01-31 | 2.1 LOW | 5.5 MEDIUM |
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices. | |||||
CVE-2008-2004 | 1 Qemu | 1 Qemu | 2017-09-28 | 4.9 MEDIUM | N/A |
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. | |||||
CVE-2017-8380 | 1 Qemu | 1 Qemu | 2017-09-05 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. | |||||
CVE-2008-5714 | 1 Qemu | 1 Qemu | 2017-08-07 | 7.8 HIGH | N/A |
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended. | |||||
CVE-2008-4553 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2017-08-07 | 7.2 HIGH | N/A |
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories. | |||||
CVE-2015-8556 | 1 Qemu | 1 Qemu | 2017-03-27 | 10.0 HIGH | 10.0 CRITICAL |
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. | |||||
CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2017-01-06 | 2.7 LOW | N/A |
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | |||||
CVE-2015-4037 | 1 Qemu | 1 Qemu | 2016-12-23 | 1.9 LOW | N/A |
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. | |||||
CVE-2014-5263 | 1 Qemu | 1 Qemu | 2014-11-18 | 6.8 MEDIUM | N/A |
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors. | |||||
CVE-2013-4377 | 1 Qemu | 1 Qemu | 2014-03-05 | 2.3 LOW | N/A |
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device. |