Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu - vulnerabilities and exploits
(subscribe to this query)
6
CVSSv3
CVE-2023-0330
A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
Qemu Qemu 8.0.0
Qemu Qemu
Debian Debian Linux 10.0
4.4
CVSSv3
CVE-2020-35505
A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions prior to 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the h...
Qemu Qemu
Qemu Qemu 6.0.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-7718
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functi...
Qemu Qemu
Qemu Qemu 2.9.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2016-2198
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process ...
Qemu Qemu
Qemu Qemu 2.6.0
Debian Debian Linux 8.0
7.9
CVSSv3
CVE-2015-8666
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.
Qemu Qemu
Qemu Qemu 2.5.0
Debian Debian Linux 8.0
NA
CVE-2011-4111
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU prior to 0.15.2 and 1.x prior to 1.0-rc4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
Redhat Enterprise Linux Server Supplementary 6.1.z
Redhat Enterprise Linux 6.0
Qemu Qemu 1.0
Qemu Qemu 0.15.0
Qemu Qemu
NA
CVE-2011-3346
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU prior to 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulner...
Xen Xen -
Qemu Qemu 0.15.0
Redhat Enterprise Linux 5
Qemu Qemu
6
CVSSv3
CVE-2016-8667
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
Qemu Qemu
Qemu Qemu 2.9.0
Opensuse Leap 42.2
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2023-3180
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the...
Qemu Qemu
Qemu Qemu 8.1.0
Fedoraproject Fedora 38
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2015-8345
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
Qemu Qemu
Qemu Qemu 2.5.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »