Vulnerabilities > Redhat > Virtualization > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-29 | CVE-2014-0144 | Improper Input Validation vulnerability in multiple products QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | 8.6 |
| 2022-09-29 | CVE-2014-0147 | Integer Overflow or Wraparound vulnerability in multiple products Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine. | 6.2 |
| 2022-09-29 | CVE-2014-0148 | Infinite Loop vulnerability in multiple products Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. | 5.5 |
| 2020-02-11 | CVE-2013-4535 | Improper Input Validation vulnerability in multiple products The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. | 8.8 |
| 2019-11-22 | CVE-2015-1780 | Incorrect Authorization vulnerability in Redhat Ovirt-Engine and Virtualization oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center | 4.0 |
| 2018-08-20 | CVE-2015-5160 | Information Exposure vulnerability in multiple products libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. | 2.1 |
| 2018-07-26 | CVE-2017-7539 | Reachable Assertion vulnerability in multiple products An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. | 7.5 |
| 2017-08-02 | CVE-2017-10664 | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. | 5.0 |
| 2017-07-25 | CVE-2017-7980 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. | 4.6 |
| 2016-08-02 | CVE-2016-5403 | Resource Exhaustion vulnerability in multiple products The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. | 4.9 |