CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...

7.5CVSS8.2AI score0.03127EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:36 a.m.•1 views

SUSE CVE-2013-4151

The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...

7.5CVSS7.9AI score0.01385EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:35 a.m.•0 views

SUSE CVE-2013-4530

Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted txfifohead and rxfifohead values in a savevm image...

7.5CVSS8.2AI score0.02424EPSS

Exploits0References12

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4529

Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...

7.5CVSS8.1AI score0.02104EPSS

Exploits0References9

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4531

Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpregvmstatearraylen in a savevm image...

7.5CVSS8.1AI score0.02001EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4535

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

8.8CVSS7.5AI score0.0038EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4537

The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...

7.5CVSS7.9AI score0.01904EPSS

Exploits0References12

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4538

Multiple buffer overflows in the ssd0323load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted 1 cmdlen, 2 row, or 3 col values; 4 rowstart and rowend values; or 5 colstar and...

7.5CVSS8.1AI score0.02548EPSS

Exploits0References13

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4539

Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...

7.5CVSS8.1AI score0.04287EPSS

Exploits0References13

SUSE CVE•added 2023/02/15 5:35 a.m.•2 views

SUSE CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.9AI score0.01728EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS7.9AI score0.02095EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by