qemu vulnerabilities and exploits
187
VMScore
CVE-2021-3947
A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw to disclose sensitive information.
Qemu Qemu 6.2.0
Qemu Qemu
1 Github repository
187
VMScore
CVE-2016-9922
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
Qemu Qemu
Qemu Qemu 2.8.0
187
VMScore
CVE-2016-6490
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
Qemu Qemu 2.7.0
Qemu Qemu
NA
CVE-2022-3872
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU p...
Qemu Qemu
Qemu Qemu 7.1.0
187
VMScore
CVE-2014-3471
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.
Qemu Qemu
Qemu Qemu 2.1.2
187
VMScore
CVE-2015-5158
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block.
Qemu Qemu
Qemu Qemu 2.4.0
409
VMScore
CVE-2014-0145
Multiple buffer overflows in QEMU prior to 1.7.2 and 2.x prior to 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) un...
Qemu Qemu
Qemu Qemu 2.0.0
169
VMScore
CVE-2014-0146
The qcow2_open function in block/qcow2.c in QEMU prior to 1.7.2 and 2.x prior to 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots...
Qemu Qemu
Qemu Qemu 2.0.0
240
VMScore
CVE-2018-19665
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
Qemu Qemu
Qemu Qemu 3.1.0
Opensuse Leap 42.3
NA
CVE-2023-4135
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allo...
Qemu Qemu 8.1.0
Qemu Qemu
Fedoraproject Fedora 38