Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

qemu qemu vulnerabilities and exploits

(subscribe to this query)
0.003
EPSS

CVE-2011-1751

The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arb...
Qemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1Qemu Qemu 0.4.2
0.000
EPSS

CVE-2011-2527

The change_process_uid function in os-posix.c in Qemu 0.14.0 and previous versions does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.024
EPSS

CVE-2013-4530

Buffer overflow in hw/ssi/pl022.c in QEMU prior to 1.7.2 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.019
EPSS

CVE-2013-4537

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU prior to 1.7.2 allows remote malicious users to execute arbitrary code via a crafted arglen value in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.025
EPSS

CVE-2013-4538

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU prior to 1.7.2 allow remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_star...
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.042
EPSS

CVE-2013-4539

Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU prior to 1.7.2 might allow remote malicious users to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.038
EPSS

CVE-2013-4540

Buffer overflow in scoop_gpio_handler_update in QEMU prior to 1.7.2 might allow remote malicious users to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.025
EPSS

CVE-2013-4526

Buffer overflow in hw/ide/ahci.c in QEMU prior to 1.7.2 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.020
EPSS

CVE-2013-4531

Buffer overflow in target-arm/machine.c in QEMU prior to 1.7.2 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
0.020
EPSS

CVE-2013-4533

Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU prior to 1.7.2 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
Qemu QemuQemu Qemu 0.1.0Qemu Qemu 0.1.1Qemu Qemu 0.1.2Qemu Qemu 0.1.3Qemu Qemu 0.1.4Qemu Qemu 0.1.5Qemu Qemu 0.1.6Qemu Qemu 0.2.0Qemu Qemu 0.3.0Qemu Qemu 0.4.0Qemu Qemu 0.4.1
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-9182CVE-2025-4761CVE-2025-1289XML injectiond-linkCVE-2025-4427cameralocalgenesis64ibmCVE-2025-47161spotipyCVE-2023-21563
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook