Vulnerabilities > Qemu > Qemu > 6.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-3930 Off-by-one Error vulnerability in multiple products
An off-by-one error was found in the SCSI device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-193
6.5
6.5
2022-02-18 CVE-2021-3947 Out-of-bounds Read vulnerability in Qemu 6.0.0/6.1.0/6.2.0
A stack-buffer-overflow was found in QEMU in the NVME component.
local
low complexity
qemu CWE-125
5.5
5.5
2021-08-25 CVE-2021-3713 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0.
low complexity
qemu debian CWE-787
7.4
7.4
2021-08-05 CVE-2021-3682 Release of Invalid Pointer or Reference vulnerability in multiple products
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.
network
high complexity
qemu redhat debian CWE-763
8.5
8.5
2021-06-02 CVE-2020-35503 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0.
local
low complexity
qemu fedoraproject CWE-476
2.1
2.1
2021-06-02 CVE-2021-3544 Memory Leak vulnerability in multiple products
Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-401
6.5
6.5
2021-06-02 CVE-2021-3545 Use of Uninitialized Resource vulnerability in multiple products
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-908
6.5
6.5
2021-06-02 CVE-2021-3546 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-787
8.2
8.2
2021-05-28 CVE-2020-35504 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.
local
low complexity
qemu fedoraproject debian CWE-476
2.1
2.1
2021-05-28 CVE-2020-35505 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0.
local
low complexity
qemu debian CWE-476
2.1
2.1