Vulnerabilities > Qemu > Qemu > 0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-01 | CVE-2021-20295 | Out-of-bounds Read vulnerability in Qemu It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). | 6.5 |
| 2022-03-29 | CVE-2022-1050 | Use After Free vulnerability in Qemu A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 8.8 |
| 2022-03-25 | CVE-2021-3582 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 6.5 |
| 2022-03-16 | CVE-2021-20257 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |
| 2022-03-16 | CVE-2022-26354 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the vhost-vsock device of QEMU. | 3.2 |
| 2022-02-24 | CVE-2021-3607 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. | 6.0 |
| 2022-02-24 | CVE-2021-3608 | Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. | 6.0 |
| 2022-02-18 | CVE-2021-3930 | Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. | 6.5 |