Vulnerabilities > Qemu > Qemu > 0.11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-11-06 | CVE-2015-6855 | Divide By Zero vulnerability in multiple products hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. | 5.0 |
| 2015-08-26 | CVE-2015-4037 | Code vulnerability in Qemu The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. | 1.9 |
| 2015-06-03 | CVE-2015-4106 | Incorrect Authorization vulnerability in multiple products QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. | 4.6 |
| 2014-04-18 | CVE-2014-0150 | Numeric Errors vulnerability in multiple products Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. | 4.9 |
| 2013-10-04 | CVE-2013-4344 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | 7.2 |
| 2012-06-21 | CVE-2011-2527 | Permissions, Privileges, and Access Controls vulnerability in Qemu The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host. | 2.1 |
| 2012-06-21 | CVE-2011-0011 | Improper Authentication vulnerability in Qemu qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions. | 4.3 |