Lucene search
K

151 matches found

Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.37 views

CVE-2013-4537

The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...

7.5CVSS8.6AI score0.02927EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.39 views

CVE-2013-4531

Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpregvmstatearraylen in a savevm image...

7.5CVSS8.7AI score0.04124EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.39 views

CVE-2013-4538

Multiple buffer overflows in the ssd0323load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted 1 cmdlen, 2 row, or 3 col values; 4 rowstart and rowend values; or 5 colstar and...

7.5CVSS9AI score0.04056EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.42 views

CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS8.6AI score0.03975EPSS
Exploits0
Cvelist
Cvelist
added 2014/11/04 9:0 p.m.21 views

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

8.6AI score0.0495EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.36 views

CVE-2013-4540

Buffer overflow in scoopgpiohandlerupdate in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large 1 prevlevel, 2 gpiolevel, or 3 gpiodir value in a savevm image...

7.5CVSS8.8AI score0.04554EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.36 views

CVE-2013-6399

Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...

7.5CVSS8.5AI score0.03871EPSS
Exploits0
CVE
CVE
added 2014/11/04 9:0 p.m.83 views

CVE-2013-4540

CVE-2013-4540 affects QEMU’s savevm handling: a buffer overflow in scoop_gpio_handler_update (in QEMU before 1.7.2) can allow remote code execution via crafted values in a savevm image (prev_level, gpio_level, or gpio_dir). Affected product/component: QEMU, vulnerable function: scoop_gpio_handler...

7.5CVSS8.7AI score0.04554EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.24 views

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS8.6AI score0.0495EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/04 9:0 p.m.45 views

CVE-2013-4539

Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...

7.5CVSS8.9AI score0.04255EPSS
Exploits0
CVE
CVE
added 2014/11/04 9:0 p.m.84 views

CVE-2013-4542

CVE-2013-4542 affects QEMU up to version 1.7.2, where virtio_scsi_load_request in hw/scsi/scsi-bus.c could be triggered by a crafted savevm image, causing an out-of-bounds access and potentially arbitrary code execution. Impact is linked to remote attackers via savevm/data state handling; vendor ...

7.5CVSS8.5AI score0.0495EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.14 views

qemu: virtio: out-of-bounds buffer write on state load with invalid config_len

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

7.5CVSS7.3AI score0.05412EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.3 views

qemu: virtio-scsi: buffer overrun on invalid state load

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS7.1AI score0.0495EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.9 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.3 views

qemu: virtio: insufficient validation of num_sg when mapping

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7AI score0.00957EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.7 views

qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load

Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...

7.5CVSS7.2AI score0.0328EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.7 views

qemu: virtio: buffer overrun on incoming migration

Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...

7.5CVSS7.2AI score0.03871EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.5 views

qemu: virtio: out-of-bounds buffer write on invalid state load

The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...

7.5CVSS7.2AI score0.0513EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.3 views

qemu: virtio-net: buffer overflow on invalid state load

Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...

7.5CVSS7.5AI score0.04944EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/07/24 3:38 p.m.12 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
Rows per page
Query Builder