Vulnerabilities > Qemu > Qemu > 6.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2021-4158 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the ACPI code of QEMU. | 6.0 |
| 2022-07-11 | CVE-2022-35414 | Use of Uninitialized Resource vulnerability in multiple products softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 8.8 |
| 2022-05-11 | CVE-2021-3611 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. | 6.5 |
| 2022-05-02 | CVE-2021-3750 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-03-16 | CVE-2021-20257 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |
| 2022-03-16 | CVE-2022-26353 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the virtio-net device of QEMU. | 7.5 |
| 2022-03-16 | CVE-2022-26354 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the vhost-vsock device of QEMU. | 3.2 |
| 2022-02-18 | CVE-2021-3930 | Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. | 6.5 |