Vulnerabilities > Qemu
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-09 | CVE-2018-17958 | Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | 7.5 |
| 2018-08-29 | CVE-2018-15746 | Unspecified vulnerability in Qemu qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. | 5.5 |
| 2018-07-27 | CVE-2017-15118 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. | 9.8 |
| 2018-07-27 | CVE-2016-9603 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. | 9.9 |
| 2018-07-27 | CVE-2017-2633 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. | 6.5 |
| 2018-07-27 | CVE-2017-2620 | Out-of-bounds Write vulnerability in multiple products Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. | 9.9 |
| 2018-07-27 | CVE-2017-2630 | Stack-based Buffer Overflow vulnerability in Qemu A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. | 8.8 |
| 2018-07-27 | CVE-2017-15119 | Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. | 8.6 |
| 2018-07-26 | CVE-2017-7539 | Reachable Assertion vulnerability in multiple products An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. | 7.5 |
| 2018-07-09 | CVE-2017-7471 | Incorrect Permission Assignment for Critical Resource vulnerability in Qemu Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. | 9.0 |