Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 3.1 vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2019-6501
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
Qemu Qemu 3.1
Fedoraproject Fedora 30
641
VMScore
CVE-2007-5730
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-13...
Qemu Qemu 0.8.2
Debian Debian Linux 3.1
Debian Debian Linux 4.0
187
VMScore
CVE-2007-1322
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.
Qemu Qemu 0.8.2
Debian Debian Linux 3.1
Debian Debian Linux 4.0
187
VMScore
CVE-2007-1366
QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.
Qemu Qemu 0.8.2
Debian Debian Linux 3.1
Debian Debian Linux 4.0
641
VMScore
CVE-2007-5729
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: so...
Qemu Qemu 0.8.2
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
641
VMScore
CVE-2007-1321
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness erro...
Qemu Qemu 0.8.2
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Debian Debian Linux 3.1
Debian Debian Linux 4.0
392
VMScore
CVE-2019-15034
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
Qemu Qemu 4.0.0
445
VMScore
CVE-2019-12155
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x up to and including 4.0.0 has a NULL pointer dereference.
Qemu Qemu 4.0.0
409
VMScore
CVE-2019-13164
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
Qemu Qemu 3.1
Qemu Qemu 4.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
392
VMScore
CVE-2020-15863
hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU prior to 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resu...
Qemu Qemu
Qemu Qemu 5.1.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »