Skip to main content

Qemu

335 CVEs product

Monthly

CVE-2019-20175 HIGH POC PATCH This Week

An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Qemu
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2019-12068 LOW PATCH Monitor

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Denial Of Service Qemu Ubuntu Linux Leap
NVD
CVSS 3.1
3.8
EPSS
0.5%
CVE-2019-15890 HIGH PATCH This Week

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Libslirp Qemu
NVD
CVSS 3.1
7.5
EPSS
4.0%
CVE-2019-13164 HIGH PATCH This Week

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Qemu Debian Linux Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-12929 CRITICAL POC Act Now

The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Information Disclosure Command Injection Qemu
NVD
CVSS 3.0
9.8
EPSS
4.9%
CVE-2019-12928 CRITICAL POC THREAT Emergency

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Information Disclosure Command Injection Qemu
NVD
CVSS 3.0
9.8
EPSS
23.0%
CVE-2019-9824 MEDIUM PATCH This Month

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Qemu
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2019-12155 HIGH POC PATCH This Week

interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
7.5
EPSS
5.5%
CVE-2019-12247 HIGH PATCH This Week

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Qemu
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2019-5008 HIGH PATCH This Week

hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2019-8934 LOW POC PATCH Monitor

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Qemu Leap
NVD
CVSS 3.1
3.3
EPSS
0.6%
CVE-2019-6778 HIGH PATCH This Week

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Qemu Leap Fedora +1
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2019-6501 MEDIUM POC PATCH This Month

In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Qemu Fedora
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2019-3812 MEDIUM PATCH This Month

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qemu Fedora Ubuntu Linux Leap
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-20191 HIGH PATCH This Week

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu Ubuntu Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2018-20124 MEDIUM PATCH This Month

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Qemu Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-20216 HIGH PATCH This Week

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2018-20126 MEDIUM PATCH This Month

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Leap
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-20125 HIGH PATCH This Week

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2018-20123 MEDIUM PATCH This Month

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-16872 MEDIUM PATCH This Month

A flaw was found in qemu Media Transfer Protocol (MTP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Qemu Debian Linux Fedora Ubuntu Linux +1
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2018-19489 MEDIUM PATCH This Month

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Qemu Debian Linux Fedora +2
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2018-19364 MEDIUM PATCH This Month

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Qemu Ubuntu Linux +3
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-16867 HIGH PATCH This Week

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. Rated high severity (CVSS 7.8).

Race Condition RCE Path Traversal Qemu Fedora +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-19665 MEDIUM PATCH This Month

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Qemu Leap
NVD
CVSS 3.1
5.7
EPSS
0.9%
CVE-2018-18954 MEDIUM PATCH This Month

The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Qemu Ubuntu Linux Leap
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-16847 HIGH PATCH This Week

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Qemu Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-18438 MEDIUM PATCH This Month

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Qemu Enterprise Linux Openstack
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-10839 MEDIUM POC PATCH This Month

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-17963 CRITICAL PATCH Act Now

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Qemu Debian Linux Ubuntu Linux +3
NVD
CVSS 3.1
9.8
EPSS
4.8%
CVE-2018-17962 HIGH POC This Week

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Qemu Ubuntu Linux Debian Linux Linux +1
NVD
CVSS 3.0
7.5
EPSS
4.5%
CVE-2018-17958 HIGH PATCH This Week

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Qemu Ubuntu Linux Debian Linux +2
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2018-15746 MEDIUM PATCH This Month

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-12617 HIGH POC PATCH THREAT This Week

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Qemu Ubuntu Linux Debian Linux
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
25.3%
CVE-2018-11806 HIGH PATCH This Week

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Qemu Ubuntu Linux Openstack +8
NVD
CVSS 3.1
8.2
EPSS
0.8%
CVE-2018-7858 MEDIUM PATCH This Month

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Denial Of Service Buffer Overflow Qemu Leap +7
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2018-7550 HIGH PATCH This Week

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Qemu Debian Linux +7
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2018-5683 MEDIUM POC PATCH This Month

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Denial Of Service Buffer Overflow Qemu Debian Linux +7
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2017-17381 MEDIUM This Month

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2017-16845 CRITICAL PATCH Act Now

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Qemu Debian Linux Ubuntu Linux
NVD
CVSS 3.1
10.0
EPSS
2.1%
CVE-2015-7549 MEDIUM This Month

The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
6.0
EPSS
0.1%
CVE-2015-7504 HIGH PATCH This Week

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service RCE Qemu +2
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2017-15289 MEDIUM PATCH This Month

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service Qemu
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2017-15268 HIGH POC PATCH This Week

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Qemu
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2017-15038 MEDIUM PATCH This Month

Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to. Rated medium severity (CVSS 5.6).

Race Condition Information Disclosure Qemu
NVD
CVSS 3.0
5.6
EPSS
0.0%
CVE-2017-14167 HIGH PATCH This Week

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Buffer Overflow Qemu Debian Linux
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2017-13711 HIGH PATCH This Week

Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Qemu Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2017-13672 MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2017-13673 MEDIUM PATCH This Month

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2017-8380 CRITICAL PATCH Act Now

Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Qemu
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2017-12809 MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2014-0146 MEDIUM This Month

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2014-0145 HIGH PATCH This Week

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Denial Of Service Qemu
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2014-0143 HIGH PATCH This Week

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in. Rated high severity (CVSS 7.0).

Integer Overflow Denial Of Service Buffer Overflow Enterprise Linux Qemu
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2014-0142 MEDIUM This Month

QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Qemu
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-11334 MEDIUM PATCH This Month

The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Qemu Debian Linux
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2017-10806 MEDIUM PATCH This Month

Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-10664 HIGH PATCH This Week

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux Virtualization Openstack +6
NVD
CVSS 3.1
7.5
EPSS
5.1%
CVE-2017-11434 MEDIUM PATCH This Month

The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2017-7980 HIGH PATCH This Week

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Denial Of Service Qemu Ubuntu Linux +9
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-9524 HIGH PATCH This Week

The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2017-9503 MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-9375 MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-9374 MEDIUM PATCH This Month

Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-9373 MEDIUM PATCH This Month

Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-9330 MEDIUM PATCH This Month

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return. Rated medium severity (CVSS 5.6).

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2017-9310 MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the. Rated medium severity (CVSS 5.6).

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2017-9060 MEDIUM PATCH This Month

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-8379 MEDIUM PATCH This Month

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux Openstack
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2017-8309 HIGH PATCH This Week

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux Openstack
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2017-7493 HIGH PATCH This Week

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Qemu Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2017-8112 MEDIUM PATCH This Month

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2017-8086 MEDIUM PATCH This Month

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2017-8284 HIGH PATCH This Week

The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain. Rated high severity (CVSS 7.0). This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Qemu
NVD GitHub
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-7718 MEDIUM PATCH This Month

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2015-8619 HIGH PATCH This Week

The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2015-8567 HIGH PATCH This Week

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Ubuntu Linux Debian Linux Linux Enterprise Debuginfo +6
NVD
CVSS 3.1
7.7
EPSS
3.5%
CVE-2015-8345 MEDIUM PATCH This Month

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2015-8666 HIGH PATCH This Week

Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Qemu Debian Linux
NVD
CVSS 3.1
7.9
EPSS
0.1%
CVE-2015-8613 MEDIUM PATCH This Month

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2015-8568 MEDIUM PATCH This Month

Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service VMware Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2015-8504 MEDIUM PATCH This Month

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2017-7377 MEDIUM PATCH This Month

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.0
EPSS
0.1%
CVE-2017-5973 MEDIUM PATCH This Month

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux Openstack Virtualization
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-5931 HIGH PATCH This Week

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Denial Of Service Buffer Overflow Qemu
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2016-9922 MEDIUM PATCH This Month

The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2015-8556 CRITICAL POC THREAT Emergency

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

Race Condition Privilege Escalation Qemu
NVD Exploit-DB
CVSS 3.0
10.0
EPSS
21.2%
Threat
4.1
CVE-2017-6058 HIGH PATCH This Week

Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Qemu
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2017-5987 MEDIUM PATCH This Month

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-5857 MEDIUM PATCH This Month

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
6.5
EPSS
0.1%
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Qemu
NVD
EPSS 1% CVSS 3.8
LOW PATCH Monitor

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Denial Of Service Qemu Ubuntu Linux +1
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Qemu Debian Linux +2
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Information Disclosure +2
NVD
EPSS 23% CVSS 9.8
CRITICAL POC THREAT Emergency

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Information Disclosure +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Qemu
NVD
EPSS 6% CVSS 7.5
HIGH POC PATCH This Week

interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Qemu
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Qemu
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu
NVD
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Qemu Leap
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Qemu +3
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Qemu +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qemu Fedora +2
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Qemu +1
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux +1
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Qemu +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

A flaw was found in qemu Media Transfer Protocol (MTP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Qemu Debian Linux +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Qemu +4
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. Rated high severity (CVSS 7.8).

Race Condition RCE Path Traversal +3
NVD
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Qemu +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Qemu +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Qemu +2
NVD
EPSS 3% CVSS 6.5
MEDIUM POC PATCH This Month

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Qemu +2
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Qemu +5
NVD
EPSS 5% CVSS 7.5
HIGH POC This Week

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Qemu Ubuntu Linux +3
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Qemu +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
EPSS 25% CVSS 7.5
HIGH POC PATCH THREAT This Week

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Qemu +2
NVD GitHub Exploit-DB
EPSS 1% CVSS 8.2
HIGH PATCH This Week

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Qemu +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Denial Of Service Buffer Overflow +9
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow +9
NVD GitHub
EPSS 1% CVSS 6.0
MEDIUM POC PATCH This Month

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Denial Of Service Buffer Overflow +9
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Qemu Debian Linux
NVD
EPSS 2% CVSS 10.0
CRITICAL PATCH Act Now

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Qemu Debian Linux +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qemu
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service +4
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service +1
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Qemu
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to. Rated medium severity (CVSS 5.6).

Race Condition Information Disclosure Qemu
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Qemu
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Qemu +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qemu
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Denial Of Service +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in. Rated high severity (CVSS 7.0).

Integer Overflow Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Qemu
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service +2
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux +8
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Denial Of Service +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Qemu +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return. Rated medium severity (CVSS 5.6).

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the. Rated medium severity (CVSS 5.6).

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qemu Debian Linux +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Qemu Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain. Rated high severity (CVSS 7.0). This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Qemu
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service +2
NVD
EPSS 4% CVSS 7.7
HIGH PATCH This Week

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Ubuntu Linux +8
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 7.9
HIGH PATCH This Week

Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Qemu +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service VMware Qemu +1
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
EPSS 21% 4.1 CVSS 10.0
CRITICAL POC THREAT Emergency

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

Race Condition Privilege Escalation Qemu
NVD Exploit-DB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Qemu
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy