Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 3.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-15890
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Libslirp Project Libslirp 4.0.0
Qemu Qemu 4.1.0
NA
CVE-2007-1320
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-e...
Qemu Qemu 0.8.2
Fedoraproject Fedora 8
Fedoraproject Fedora 9
Fedoraproject Fedora Core 6
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
5.5
CVSSv3
CVE-2018-18954
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu prior to 3.1 allows out-of-bounds write or read access to PowerNV memory.
Qemu Qemu
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
3.8
CVSSv3
CVE-2020-12829
In QEMU up to and including 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash ...
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
5.6
CVSSv3
CVE-2020-7039
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
Libslirp Project Libslirp 4.1.0
Qemu Qemu 4.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
6.7
CVSSv3
CVE-2020-13754
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2.5
CVSSv3
CVE-2020-13659
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
Qemu Qemu 4.2.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
3.8
CVSSv3
CVE-2019-12068
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This c...
Qemu Qemu 1\\
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
3.8
CVSSv3
CVE-2020-16092
In QEMU up to and including 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of servic...
Qemu Qemu
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.2
3.2
CVSSv3
CVE-2020-13362
In QEMU 5.0.0 and previous versions, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
Qemu Qemu
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »