Lucene search
K

204 matches found

OSV
OSV
added 2014/11/04 9:55 p.m.7 views

CVE-2013-4537

The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...

9AI score
Exploits0References4
OSV
OSV
added 2014/11/04 9:55 p.m.2 views

DEBIAN-CVE-2013-4539

Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...

7.5CVSS9AI score0.04255EPSS
Exploits0References1
OSV
OSV
added 2014/11/04 9:55 p.m.7 views

CVE-2013-4151

The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...

8.7AI score
Exploits0References6
OSV
OSV
added 2014/11/04 9:55 p.m.2 views

DEBIAN-CVE-2013-4537

The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...

7.5CVSS7.2AI score0.02927EPSS
Exploits0References1
Prion
Prion
added 2014/11/04 9:55 p.m.17 views

Code injection

The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...

7.5CVSS7.8AI score0.02927EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.13 views

Buffer overflow

Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted txfifohead and rxfifohead values in a savevm image...

7.5CVSS8.6AI score0.0523EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.15 views

Buffer overflow

Multiple buffer overflows in the ssd0323load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted 1 cmdlen, 2 row, or 3 col values; 4 rowstart and rowend values; or 5 colstar and...

7.5CVSS8.4AI score0.04056EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.19 views

Integer overflow

Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...

7.5CVSS7.9AI score0.04944EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.11 views

Out-of-bounds

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

7.5CVSS7.7AI score0.0495EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.24 views

Out-of-bounds

The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...

7.5CVSS7.7AI score0.0513EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.19 views

Buffer overflow

Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...

7.5CVSS8.2AI score0.0328EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.21 views

Buffer overflow

Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpregvmstatearraylen in a savevm image...

7.5CVSS8.3AI score0.04124EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.18 views

Buffer overflow

Buffer overflow in the pxa2xxsspload function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s-rxlevel value in a savevm image...

7.5CVSS8.5AI score0.04124EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.13 views

Heap overflow

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

7.5CVSS8.2AI score0.05412EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/11/04 9:55 p.m.14 views

Buffer overflow

Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...

7.5CVSS7.9AI score0.04255EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/11/04 9:0 p.m.27 views

CVE-2013-4533

Buffer overflow in the pxa2xxsspload function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s-rxlevel value in a savevm image...

8.7AI score0.04124EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/11/04 9:0 p.m.26 views

CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

8.6AI score0.03975EPSS
Exploits0References5
CVE
CVE
added 2014/11/04 9:0 p.m.80 views

CVE-2013-4540

CVE-2013-4540 affects QEMU’s savevm handling: a buffer overflow in scoop_gpio_handler_update (in QEMU before 1.7.2) can allow remote code execution via crafted values in a savevm image (prev_level, gpio_level, or gpio_dir). Affected product/component: QEMU, vulnerable function: scoop_gpio_handler...

7.5CVSS8.7AI score0.04554EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2014/11/04 9:0 p.m.89 views

CVE-2014-3461

CVE-2014-3461 affects QEMU 1.6.2 (hw/usb/bus.c). The issue arises from crafted savevm data triggering a heap-based buffer overflow related to USB post load checks, enabling remote code execution with network access (CVSS v2 base 6.8). No specific exploit details, affected platforms, or patched ve...

6.8CVSS7.2AI score0.02696EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/11/04 9:0 p.m.22 views

CVE-2014-3461

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

7.4AI score0.02696EPSS
Exploits0References4
Rows per page
Query Builder