Vulnerabilities > Qemu > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-0358 | Improper Check for Dropped Privileges vulnerability in multiple products A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. | 7.8 |
| 2022-08-25 | CVE-2021-3929 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. | 8.2 |
| 2022-07-11 | CVE-2022-35414 | Use of Uninitialized Resource vulnerability in multiple products softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 8.8 |
| 2022-05-02 | CVE-2021-3750 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-03-29 | CVE-2022-1050 | Use After Free vulnerability in Qemu A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 8.8 |
| 2022-03-23 | CVE-2021-3748 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the virtio-net device of QEMU. | 7.5 |
| 2022-03-16 | CVE-2022-26353 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the virtio-net device of QEMU. | 7.5 |
| 2021-08-25 | CVE-2021-3713 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. | 7.4 |