Vulnerabilities > Qemu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-28 | CVE-2020-35504 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. | 2.1 |
2021-05-28 | CVE-2020-35505 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. | 2.1 |
2021-05-28 | CVE-2020-35506 | Use After Free vulnerability in Qemu A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). | 4.6 |
2021-05-26 | CVE-2021-20196 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. | 6.5 |
2021-05-26 | CVE-2021-3527 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the USB redirector device (usb-redir) of QEMU. | 5.5 |
2021-05-13 | CVE-2021-20181 | Race Condition vulnerability in multiple products A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. | 7.5 |
2021-05-13 | CVE-2021-20221 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. | 6.0 |
2021-05-06 | CVE-2021-3507 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). | 6.1 |
2021-03-23 | CVE-2021-3409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. | 5.7 |
2021-03-23 | CVE-2021-3392 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the MegaRAID emulator of QEMU. | 3.2 |