Lucene search
K

204 matches found

Veracode
Veracode
added 2019/01/15 8:53 a.m.30 views

Remote Code Execution (RCE)

QEMU is vulnerable to remote code execution. An integer overflow in the virtionetload function in hw/net/virtio-net.c allows a remote attacker to execute arbitrary code via a malicious savevm image...

7.5CVSS8.9AI score0.04944EPSS
Exploits0References17Affected Software2
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.39 views

RedHat Update for qemu-kvm RHSA-2015:0349-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.35 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.4AI score0.04115EPSS
Exploits0References96
RedHat Linux
RedHat Linux
added 2015/03/05 7:27 a.m.5 views

qemu: insufficient parameter validation during ram load

It was found that certain values that were read when loading RAM during migration were not validated. A user able to alter the savevm data either on the disk or over the wire during migration could use either of these flaws to corrupt QEMU process memory on the destination host, which could...

7.5CVSS7.8AI score0.04115EPSS
Exploits0References4
OSV
OSV
added 2014/12/12 3:59 p.m.12 views

CVE-2014-7840

The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...

7.3AI score
Exploits0References7
Prion
Prion
added 2014/12/12 3:59 p.m.21 views

Design/Logic Flaw

The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...

7.5CVSS7.9AI score0.04115EPSS
Exploits0References6Affected Software7
Debian CVE
Debian CVE
added 2014/12/12 3:0 p.m.29 views

CVE-2014-7840

The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...

7.5CVSS8.7AI score0.04115EPSS
Exploits0
OSV
OSV
added 2014/12/11 7:10 p.m.7 views

USN-2439-1 qemu, qemu-kvm vulnerabilities

Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipulate savevm data could use this issue to possibly execute arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS,...

7.5CVSS7.4AI score0.04115EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2014/11/14 12:0 a.m.6 views

PT-2014-8307 · Qemu +5 · Qemu +5

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue allows remote attackers to execute arbitrary code via a crafted offset or length value in savevm data, specifically in the host from stream offset function in arch init.c when loadin...

7.8CVSS7.7AI score0.04115EPSS
Exploits0References57
OSV
OSV
added 2014/11/04 9:55 p.m.1 views

DEBIAN-CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS7.9AI score0.0495EPSS
Exploits0References1
NVD
NVD
added 2014/11/04 9:55 p.m.16 views

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS8.6AI score0.0495EPSS
Exploits0References5
NVD
NVD
added 2014/11/04 9:55 p.m.21 views

CVE-2013-6399

Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...

7.5CVSS8.7AI score0.03871EPSS
Exploits0References5
NVD
NVD
added 2014/11/04 9:55 p.m.12 views

CVE-2014-0182

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

7.5CVSS8.8AI score0.05412EPSS
Exploits0References5
OSV
OSV
added 2014/11/04 9:55 p.m.5 views

CVE-2014-0182

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

8.8AI score
Exploits0References7
NVD
NVD
added 2014/11/04 9:55 p.m.19 views

CVE-2014-3461

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

6.8CVSS8.8AI score0.02696EPSS
Exploits0References4
OSV
OSV
added 2014/11/04 9:55 p.m.3 views

DEBIAN-CVE-2013-6399

Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...

7.5CVSS6.9AI score0.03871EPSS
Exploits0References1
OSV
OSV
added 2014/11/04 9:55 p.m.5 views

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

8.6AI score
Exploits0References7
OSV
OSV
added 2014/11/04 9:55 p.m.2 views

DEBIAN-CVE-2014-0182

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

7.5CVSS7.2AI score0.05412EPSS
Exploits0References1
OSV
OSV
added 2014/11/04 9:55 p.m.2 views

DEBIAN-CVE-2014-3461

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

6.8CVSS7.3AI score0.02696EPSS
Exploits0References1
OSV
OSV
added 2014/11/04 9:55 p.m.7 views

CVE-2013-4151

The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...

8.7AI score
Exploits0References6
Rows per page
Query Builder