Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-8345
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
Qemu Qemu
Qemu Qemu 2.5.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2015-8504
Qemu, when built with VNC display driver support, allows remote malicious users to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
Qemu Qemu
Qemu Qemu 2.5.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
7.8
CVSSv3
CVE-2022-2962
A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn't check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers ...
Qemu Qemu
8.8
CVSSv3
CVE-2022-1050
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.
Qemu Qemu
6.5
CVSSv3
CVE-2020-27661
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
Qemu Qemu
6
CVSSv3
CVE-2015-7549
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
Qemu Qemu
6
CVSSv3
CVE-2016-4964
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
Qemu Qemu
6.5
CVSSv3
CVE-2020-10717
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. Virtio-fs is meant to share a host file system directory with a guest via virtio-fs device. If the guest opens the maximum number of file descripto...
Qemu Qemu
10
CVSSv3
CVE-2022-36648
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and previous versions, allows remote malicious users to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This ...
Qemu Qemu
5.5
CVSSv3
CVE-2016-10029
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_...
Qemu Qemu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »