Vulnerabilities > Qemu > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-10-05 CVE-2016-7161 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
network
low complexity
qemu debian CWE-787
critical
9.8
2016-01-08 CVE-2015-7512 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
network
high complexity
qemu redhat debian oracle CWE-120
critical
9.0
2009-10-23 CVE-2009-3616 Use After Free vulnerability in multiple products
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities.
network
low complexity
qemu redhat CWE-416
critical
9.9