Vulnerabilities > Qemu > Qemu > 2.5.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-3682 | Release of Invalid Pointer or Reference vulnerability in multiple products A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. | 8.5 |
| 2021-06-02 | CVE-2020-27661 | Divide By Zero vulnerability in Qemu A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. | 6.5 |
| 2021-06-02 | CVE-2020-35503 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. | 2.1 |
| 2021-05-13 | CVE-2021-20181 | Race Condition vulnerability in multiple products A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. | 7.5 |
| 2021-03-23 | CVE-2021-3409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. | 5.7 |
| 2021-03-18 | CVE-2021-3416 | Infinite Loop vulnerability in multiple products A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. | 6.0 |
| 2021-02-25 | CVE-2021-20203 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. | 3.2 |
| 2021-01-30 | CVE-2020-17380 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. | 6.3 |
| 2020-12-08 | CVE-2020-27821 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. | 6.0 |
| 2020-12-02 | CVE-2020-25723 | Reachable Assertion vulnerability in multiple products A reachable assertion issue was found in the USB EHCI emulation code of QEMU. | 3.2 |