Vulnerabilities > Qemu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-06 | CVE-2021-3507 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). | 6.1 |
2021-03-23 | CVE-2021-3409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. | 5.7 |
2021-03-23 | CVE-2021-3392 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the MegaRAID emulator of QEMU. | 3.2 |
2021-03-18 | CVE-2021-3416 | Infinite Loop vulnerability in multiple products A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. | 6.0 |
2021-03-09 | CVE-2021-20255 | Uncontrolled Recursion vulnerability in multiple products A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. | 2.1 |
2021-03-09 | CVE-2021-20263 | Improper Preservation of Permissions vulnerability in Qemu A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. | 3.3 |
2021-02-25 | CVE-2021-20203 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. | 3.2 |
2021-01-30 | CVE-2020-17380 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. | 6.3 |
2021-01-28 | CVE-2020-35517 | Improper Privilege Management vulnerability in Qemu A flaw was found in qemu. | 8.2 |
2021-01-26 | CVE-2020-29443 | Out-of-bounds Read vulnerability in multiple products ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. | 3.9 |