Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2018-12-12 CVE-2018-16867 Race Condition vulnerability in multiple products
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0.
local
high complexity
qemu fedoraproject canonical CWE-362
7.8
2018-12-06 CVE-2018-19665 Integer Overflow or Wraparound vulnerability in multiple products
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
low complexity
qemu opensuse CWE-190
5.7
2018-11-15 CVE-2018-18954 Out-of-bounds Write vulnerability in multiple products
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.
local
low complexity
qemu canonical opensuse CWE-787
5.5
2018-11-02 CVE-2018-16847 Out-of-bounds Write vulnerability in multiple products
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU.
local
low complexity
qemu canonical CWE-787
7.8
2018-10-19 CVE-2018-18438 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
local
low complexity
qemu redhat CWE-190
5.5
2018-10-16 CVE-2018-10839 Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue.
network
low complexity
qemu canonical debian
6.5
2018-10-09 CVE-2018-17963 Integer Overflow or Wraparound vulnerability in multiple products
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
qemu debian canonical redhat CWE-190
critical
9.8
2018-10-09 CVE-2018-17962 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
network
low complexity
qemu suse debian canonical redhat oracle CWE-190
7.5
2018-10-09 CVE-2018-17958 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
network
low complexity
qemu canonical debian redhat CWE-190
7.5
2018-08-29 CVE-2018-15746 Unspecified vulnerability in Qemu
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
local
low complexity
qemu
5.5