Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 5.0.0 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-17380
A heap-based buffer overflow was found in QEMU up to and including 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw ...
Qemu Qemu
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2020-28916
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.
Qemu Qemu 5.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.4
CVSSv2
CVE-2020-25624
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
Qemu Qemu 5.0.0
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2020-24352
An issue exists in QEMU up to and including 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malici...
Qemu Qemu
Qemu Qemu 5.0.0
2.1
CVSSv2
CVE-2020-25741
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
Qemu Qemu 5.0.0
2.1
CVSSv2
CVE-2020-25084
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
Qemu Qemu 5.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.4
CVSSv2
CVE-2020-25085
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
Qemu Qemu 5.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.7
CVSSv2
CVE-2020-25625
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
Qemu Qemu 5.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2020-12829
In QEMU up to and including 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash ...
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2020-14415
oss_write in audio/ossaudio.c in QEMU prior to 5.0.0 mishandles a buffer position.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »