Vulnerabilities > Qemu

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-12-31 | CVE-2020-11947 | Out-Of-Bounds Read vulnerability in Qemu 4.1.0 | iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. | local | low complexity | qemu | CWE-125 | 2.1 |
| 2020-12-31 | CVE-2019-20808 | Out-Of-Bounds Read vulnerability in Qemu 4.1.0 | In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. | local | low complexity | qemu | CWE-125 | 2.1 |
| 2020-12-08 | CVE-2020-27821 | Heap-Based Buffer Overflow vulnerability in Qemu | A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. | local | low complexity | qemu | CWE-122 | 2.1 |
| 2020-12-04 | CVE-2020-28916 | Infinite Loop vulnerability in Qemu 5.0.0 | hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. | local | low complexity | qemu | CWE-835 | 2.1 |
| 2020-12-02 | CVE-2020-25723 | Reachable Assertion vulnerability in Qemu | A reachable assertion issue was found in the USB EHCI emulation code of QEMU. | local | low complexity | qemu | CWE-617 | 2.1 |
| 2020-11-30 | CVE-2020-25624 | Out-Of-Bounds Read vulnerability in Qemu 5.0.0 | hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. | local | | qemu | CWE-125 | 4.4 |
| 2020-11-06 | CVE-2020-27617 | Reachable Assertion vulnerability in Qemu 4.2.1 | eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. | network | low complexity | qemu | CWE-617 | 4.0 |
| 2020-11-06 | CVE-2020-27616 | Incorrect Calculation vulnerability in Qemu 4.2.1 | ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. | network | low complexity | qemu | CWE-682 | 4.0 |
| 2020-10-16 | CVE-2020-24352 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qemu | An issue was discovered in QEMU through 5.1.0. | local | low complexity | qemu | CWE-119 | 2.1 |
| 2020-10-06 | CVE-2020-25743 | Null Pointer Dereference vulnerability in multiple products | hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | local | low complexity | qemu redhat | CWE-476 | 2.1 |