Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-20175
An issue exists in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 up to and including 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must b...
Qemu Qemu
7.5
CVSSv3
CVE-2019-15890
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Libslirp Project Libslirp 4.0.0
Qemu Qemu 4.1.0
7.5
CVSSv3
CVE-2019-14459
nfdump 1.6.17 and previous versions is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
Nfdump Project Nfdump
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv3
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x prior to 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connect...
Linux Linux Kernel
7.5
CVSSv3
CVE-2019-12155
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x up to and including 4.0.0 has a NULL pointer dereference.
Qemu Qemu 4.0.0
7.5
CVSSv3
CVE-2019-12247
QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable
Qemu Qemu 3.0.0
7.5
CVSSv3
CVE-2019-5008
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the malicious user to cause a denial of service via a device driver.
Qemu Qemu 3.1.50
7.5
CVSSv3
CVE-2018-20191
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows malicious users to cause a denial of service (NULL pointer dereference).
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv3
CVE-2018-20125
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows malicious users to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
7.5
CVSSv3
CVE-2018-20216
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »