Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2016-12-29 CVE-2016-9846 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue.
local
low complexity
qemu CWE-119
6.5
6.5
2016-12-29 CVE-2016-9845 Information Exposure vulnerability in Qemu
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue.
local
low complexity
qemu CWE-200
6.5
6.5
2016-12-29 CVE-2016-9776 Infinite Loop vulnerability in multiple products
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue.
local
low complexity
qemu debian CWE-835
5.5
5.5
2016-12-29 CVE-2016-2198 NULL Pointer Dereference vulnerability in multiple products
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw.
local
low complexity
qemu debian CWE-476
5.5
5.5
2016-12-29 CVE-2016-2197 NULL Pointer Dereference vulnerability in Qemu
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw.
local
low complexity
qemu CWE-476
5.5
5.5
2016-12-29 CVE-2016-1981 Infinite Loop vulnerability in multiple products
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue.
local
low complexity
qemu debian CWE-835
5.5
5.5
2016-12-29 CVE-2016-1922 NULL Pointer Dereference vulnerability in multiple products
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw.
local
low complexity
qemu debian CWE-476
5.5
5.5
2016-12-29 CVE-2015-8818 Unspecified vulnerability in Qemu
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
local
low complexity
qemu
5.5
5.5
2016-12-29 CVE-2015-8817 Out-of-bounds Write vulnerability in Qemu
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue.
local
low complexity
qemu CWE-787
5.5
5.5
2016-12-29 CVE-2015-8745 Reachable Assertion vulnerability in multiple products
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue.
local
low complexity
qemu debian CWE-617
5.5
5.5