Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv2
CVE-2011-1750
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request t...
Qemu Qemu 0.14.0
7.4
CVSSv2
CVE-2012-0029
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
Kvm Group Qemu-kvm 0.12
7.2
CVSSv2
CVE-2020-14339
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform ope...
Redhat Enterprise Linux 8.0
Redhat Libvirt
7.2
CVSSv2
CVE-2020-25637
A double free memory issue was found to occur in the libvirt API, in versions prior to 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read...
Redhat Libvirt
Opensuse Leap 15.1
Opensuse Leap 15.2
2 Github repositories
7.2
CVSSv2
CVE-2013-4535
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU prior to 1.7.2 allows remote malicious users to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
Qemu Qemu
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Virtualization 3.0
7.2
CVSSv2
CVE-2019-0155
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A...
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.5
Intel Graphics Driver
Intel Core I9-10980xe Firmware -
Intel Core I9-10900x Firmware -
Intel Core I9-10920x Firmware -
Intel Core I9-9900x Firmware -
Intel Core I9-9920x Firmware -
Intel Core I9-9960x Firmware -
Intel Core I9-9980xe Firmware -
Intel Core I9-9940x Firmware -
Intel Core I9-7960x Firmware -
Intel Core I9-7940x Firmware -
Intel Core I9-7980xe Firmware -
Intel Core I9-7920x Firmware -
Intel Core I9-7900x Firmware -
Intel Core I7-7820x Firmware -
Intel Core I7-7800x Firmware -
Intel Core I9-9900ks Firmware -
Intel Core I9-9900t Firmware -
Intel Core I9-9900 Firmware -
7.2
CVSSv2
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length t...
Linux Linux Kernel 5.3
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Aff A700s Firmware -
Netapp H410c Firmware -
Netapp H610s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
1 Article
7.2
CVSSv2
CVE-2017-18509
An issue exists in net/ipv6/ip6mr.c in the Linux kernel prior to 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstanc...
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.2
CVSSv2
CVE-2017-5931
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buff...
Qemu Qemu
7.2
CVSSv2
CVE-2015-5260
Heap-based buffer overflow in SPICE prior to 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
Redhat Enterprise Linux Server Eus 6.7.z
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Spice Project Spice
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »