Vulnerabilities > Qemu > Qemu > 0.12.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-18 | CVE-2014-0150 | Numeric Errors vulnerability in multiple products Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. | 4.9 |
| 2013-10-04 | CVE-2013-4344 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | 7.2 |
| 2012-06-21 | CVE-2011-2527 | Permissions, Privileges, and Access Controls vulnerability in Qemu The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host. | 2.1 |