Vulnerabilities > Qemu > Qemu > 4.2.0.34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-29 | CVE-2023-0664 | Improper Privilege Management vulnerability in multiple products A flaw was found in the QEMU Guest Agent service for Windows. | 7.8 |
2023-03-23 | CVE-2023-1544 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 6.3 |
2022-11-29 | CVE-2022-4144 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. | 6.5 |
2022-11-07 | CVE-2022-3872 | Off-by-one Error vulnerability in Qemu An off-by-one read/write issue was found in the SDHCI device of QEMU. | 8.6 |
2022-09-13 | CVE-2022-2962 | Improper Synchronization vulnerability in Qemu A DMA reentrancy issue was found in the Tulip device emulation in QEMU. | 7.8 |
2022-08-29 | CVE-2022-0358 | Improper Check for Dropped Privileges vulnerability in multiple products A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. | 7.8 |
2022-08-25 | CVE-2021-3929 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. | 8.2 |
2022-07-11 | CVE-2022-35414 | Use of Uninitialized Resource vulnerability in multiple products softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 8.8 |
2022-05-11 | CVE-2021-3611 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. | 6.5 |
2022-05-02 | CVE-2021-3750 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. | 8.2 |