Shodan
Vulnerabilities
Vulnerable Software
Qemu:  >> Qemu  >> 1.6.0  Security Vulnerabilities
CVE-2014-7840
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
CVSS Score
7.5
EPSS Score
0.025
Published
2014-12-12
CVE-2014-8106
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.
CVSS Score
4.6
EPSS Score
0.002
Published
2014-12-08
CVE-2014-5388
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.
CVSS Score
4.6
EPSS Score
0.001
Published
2014-11-15
CVE-2014-7815
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVSS Score
5.0
EPSS Score
0.038
Published
2014-11-14
CVE-2014-3689
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
CVSS Score
7.2
EPSS Score
0.001
Published
2014-11-14
CVE-2013-4542
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
CVSS Score
7.5
EPSS Score
0.021
Published
2014-11-04
CVE-2013-6399
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-11-04
CVE-2014-0182
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
CVSS Score
7.5
EPSS Score
0.035
Published
2014-11-04
CVE-2014-0222
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
CVSS Score
7.5
EPSS Score
0.009
Published
2014-11-04
CVE-2014-0223
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.
CVSS Score
4.6
EPSS Score
0.001
Published
2014-11-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved