Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-3947
A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw leading to disclosure of sensitive information.
Qemu Qemu 6.2.0
Qemu Qemu
1 Github repository
2.1
CVSSv2
CVE-2014-3471
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.
Qemu Qemu
Qemu Qemu 2.1.2
2.1
CVSSv2
CVE-2016-9922
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
Qemu Qemu
Qemu Qemu 2.8.0
2.1
CVSSv2
CVE-2020-24352
An issue exists in QEMU up to and including 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malici...
Qemu Qemu
Qemu Qemu 5.0.0
4.6
CVSSv2
CVE-2014-0145
Multiple buffer overflows in QEMU prior to 1.7.2 and 2.x prior to 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) un...
Qemu Qemu
Qemu Qemu 2.0.0
1.9
CVSSv2
CVE-2014-0146
The qcow2_open function in the (block/qcow2.c) in QEMU prior to 1.7.2 and 2.x prior to 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots...
Qemu Qemu
Qemu Qemu 2.0.0
2.1
CVSSv2
CVE-2016-6490
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
Qemu Qemu 2.7.0
Qemu Qemu
2.1
CVSSv2
CVE-2015-5158
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block.
Qemu Qemu
Qemu Qemu 2.4.0
NA
CVE-2023-4135
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allo...
Qemu Qemu 8.1.0
Qemu Qemu
Fedoraproject Fedora 38
2.7
CVSSv2
CVE-2018-19665
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
Qemu Qemu
Qemu Qemu 3.1.0
Opensuse Leap 42.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »