Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kvm group qemu-kvm vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-0358
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory...
Qemu Qemu
Redhat Enterprise Linux 8.0
5.6
CVSSv3
CVE-2019-11091
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c...
Intel Microarchitectural Data Sampling Uncacheable Memory Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12126
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found...
Intel Microarchitectural Store Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12127
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...
Intel Microarchitectural Load Port Data Sampling Firmware -
Fedoraproject Fedora 29
2 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12130
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h...
Intel Microarchitectural Fill Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
NA
CVE-2011-2512
The virtio_queue_notify in qemu-kvm 0.14.0 and previous versions does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio ...
Kvm Group Qemu-kvm 0.12
Kvm Group Qemu-kvm
NA
CVE-2011-2212
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and previous versions allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
Qemu Qemu 0.7.1
Qemu Qemu 0.9.1-5
NA
CVE-2011-2527
The change_process_uid function in os-posix.c in Qemu 0.14.0 and previous versions does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
Qemu Qemu 0.7.1
Qemu Qemu 0.9.1-5
Qemu Qemu 0.15.0
Qemu Qemu
Qemu Qemu 0.14.1
NA
CVE-2012-0029
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
Kvm Group Qemu-kvm 0.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started