Vulnerabilities > Qemu

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-20	CVE-2018-20191	NULL Pointer Dereference vulnerability in multiple products hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). network low complexity qemu canonical fedoraproject CWE-476	7.5
2018-12-20	CVE-2018-20124	Out-of-bounds Read vulnerability in multiple products hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. local low complexity qemu canonical CWE-125	2.1
2018-12-20	CVE-2018-20216	Infinite Loop vulnerability in multiple products QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). network low complexity qemu canonical CWE-835	5.0
2018-12-20	CVE-2018-20126	Missing Release of Resource after Effective Lifetime vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. local low complexity qemu canonical opensuse CWE-772	2.1
2018-12-20	CVE-2018-20125	NULL Pointer Dereference vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. network low complexity qemu canonical CWE-476	5.0
2018-12-17	CVE-2018-20123	Missing Release of Resource after Effective Lifetime vulnerability in multiple products pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. local low complexity qemu canonical fedoraproject CWE-772	5.5
2018-12-13	CVE-2018-16872	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP). network high complexity qemu debian fedoraproject canonical opensuse CWE-367	5.3
2018-12-13	CVE-2018-19489	Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. local high complexity qemu debian fedoraproject canonical opensuse CWE-362	4.7
2018-12-13	CVE-2018-19364	Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. local low complexity qemu canonical debian fedoraproject opensuse CWE-416	5.5
2018-12-12	CVE-2018-16867	Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. local high complexity qemu fedoraproject canonical CWE-362	7.8

Vulnerabilities > Qemu {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Qemu"}]}

Vulnerabilities > Qemu