Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 6.0.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-35505
A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions prior to 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the h...
Qemu Qemu
Qemu Qemu 6.0.0
Debian Debian Linux 10.0
4.6
CVSSv2
CVE-2020-35506
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions prior to 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host...
Qemu Qemu
2.1
CVSSv2
CVE-2020-35504
A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions prior to 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system av...
Qemu Qemu
Fedoraproject Fedora 33
Debian Debian Linux 10.0
3.6
CVSSv2
CVE-2021-3507
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this f...
Qemu Qemu
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
2.7
CVSSv2
CVE-2019-20485
qemu/qemu_driver.c in libvirt prior to 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows malicious users to cause a denial of service (API blockage).
Redhat Libvirt
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
4
CVSSv2
CVE-2020-10703
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as netwo...
Redhat Libvirt
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started