Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-5008
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the malicious user to cause a denial of service via a device driver.
Qemu Qemu 3.1.50
7.4
CVSSv2
CVE-2011-1750
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request t...
Qemu Qemu 0.14.0
6.8
CVSSv2
CVE-2020-11102
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
Qemu Qemu 4.2.0
2.1
CVSSv2
CVE-2020-25741
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
Qemu Qemu 5.0.0
5
CVSSv2
CVE-2019-12155
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x up to and including 4.0.0 has a NULL pointer dereference.
Qemu Qemu 4.0.0
4
CVSSv2
CVE-2020-27616
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process.
Qemu Qemu 4.2.1
7.2
CVSSv2
CVE-2007-6227
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-do...
Qemu Qemu 0.9.0
1 EDB exploit
4.4
CVSSv2
CVE-2019-15034
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
Qemu Qemu 4.0.0
6.8
CVSSv2
CVE-2014-5263
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows malicious users to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecifie...
Qemu Qemu 1.6.0
2.1
CVSSv2
CVE-2020-11947
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
Qemu Qemu 4.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »