Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 0.9.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2004
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
Qemu Qemu 0.9.1
NA
CVE-2008-5714
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote malicious users to guess the VNC password, which is limited to seven characters where eight was intended.
Qemu Qemu 0.9.1
NA
CVE-2008-4553
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
Qemu Qemu 0.9.1-5
NA
CVE-2010-0297
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU prior to 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafte...
Qemu Qemu 0.1.6
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.1.3
Qemu Qemu 0.7.1
Qemu Qemu 0.9.1-5
Qemu Qemu 0.5.0
Qemu Qemu 0.8.1
Qemu Qemu 0.11.0-rc2
Qemu Qemu 0.10.0
Qemu Qemu 0.4.1
Qemu Qemu
Qemu Qemu 0.5.2
NA
CVE-2011-2527
The change_process_uid function in os-posix.c in Qemu 0.14.0 and previous versions does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Qemu Qemu 0.12.4
Qemu Qemu 0.12.0
Qemu Qemu 0.11.0
Qemu Qemu 0.10.2
Qemu Qemu 0.9.1
Qemu Qemu 0.7.1
Qemu Qemu 0.7.0
Qemu Qemu 0.3.0
Qemu Qemu 0.2.0
Qemu Qemu 0.15.0
Qemu Qemu 0.1.5
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.13.0
Qemu Qemu 0.12.1
Qemu Qemu 0.10.5
Qemu Qemu 0.9.1-5
Qemu Qemu 0.9.0
Qemu Qemu 0.6.1
Qemu Qemu 0.6.0
Qemu Qemu
Qemu Qemu 0.12.3
Qemu Qemu 0.12.2
NA
CVE-2011-2212
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and previous versions allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
Qemu Qemu 0.7.1
Qemu Qemu 0.9.1-5
NA
CVE-2011-1751
The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arb...
Qemu Qemu 1.0
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu 1.1
Qemu Qemu 0.1.6
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
Qemu Qemu 0.9.0
Qemu Qemu 0.7.2
Qemu Qemu 0.12.5
Qemu Qemu 0.1.3
Qemu Qemu 0.14.0
Qemu Qemu 0.11.1
1 Article
NA
CVE-2008-0928
Qemu 0.9.1 and previous versions does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
Qemu Qemu 0.1.4
Qemu Qemu 0.1.5
Qemu Qemu 0.4.3
Qemu Qemu 0.5.0
Qemu Qemu 0.6.1
Qemu Qemu 0.7.0
Qemu Qemu 0.1.6
Qemu Qemu 0.2.0
Qemu Qemu 0.5.1
Qemu Qemu 0.5.2
Qemu Qemu 0.7.1
Qemu Qemu 0.7.2
Qemu Qemu 0.8.0
Qemu Qemu 0.1.2
Qemu Qemu 0.1.3
Qemu Qemu 0.4.1
Qemu Qemu 0.4.2
Qemu Qemu 0.5.5
Qemu Qemu 0.6.0
Qemu Qemu 0.9.0
Qemu Qemu 0.9.1
Qemu Qemu 0.1.0
NA
CVE-2013-4538
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU prior to 1.7.2 allow remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_star...
Qemu Qemu 1.0
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu
Qemu Qemu 1.1
Qemu Qemu 1.6.0
Qemu Qemu 0.1.6
Qemu Qemu 1.5.0
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 1.5.3
Qemu Qemu 0.15.2
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 1.5.1
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
NA
CVE-2013-4539
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU prior to 1.7.2 might allow remote malicious users to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.
Qemu Qemu 1.0
Qemu Qemu 0.12.2
Qemu Qemu 0.12.0
Qemu Qemu
Qemu Qemu 1.1
Qemu Qemu 1.6.0
Qemu Qemu 0.1.6
Qemu Qemu 1.5.0
Qemu Qemu 0.13.0
Qemu Qemu 0.5.3
Qemu Qemu 0.4.2
Qemu Qemu 0.10.3
Qemu Qemu 1.5.3
Qemu Qemu 0.15.2
Qemu Qemu 0.11.0-rc1
Qemu Qemu 0.1.5
Qemu Qemu 1.5.1
Qemu Qemu 0.5.1
Qemu Qemu 0.8.2
Qemu Qemu 0.11.0
Qemu Qemu 0.5.5
Qemu Qemu 0.10.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »