Vulnerabilities > Qemu > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-3682 Release of Invalid Pointer or Reference vulnerability in multiple products
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.
network
high complexity
qemu redhat debian CWE-763
8.5
2021-06-02 CVE-2021-3546 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-787
8.2
2021-05-28 CVE-2013-4536 Improper Privilege Management vulnerability in Qemu
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
local
low complexity
qemu CWE-269
7.8
2021-05-13 CVE-2021-20181 Race Condition vulnerability in multiple products
A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0.
local
high complexity
qemu debian CWE-362
7.5
2021-01-28 CVE-2020-35517 Improper Privilege Management vulnerability in Qemu
A flaw was found in qemu.
local
low complexity
qemu CWE-269
8.2
2020-02-11 CVE-2013-4535 Improper Input Validation vulnerability in multiple products
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
local
low complexity
qemu redhat CWE-20
8.8
2019-12-31 CVE-2019-20175 Improper Check for Unusual or Exceptional Conditions vulnerability in Qemu
An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0.
network
low complexity
qemu CWE-754
7.5
2019-07-03 CVE-2019-13164 qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
local
low complexity
qemu debian opensuse canonical
7.8
2019-05-24 CVE-2019-12155 NULL Pointer Dereference vulnerability in Qemu 4.0.0
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
network
low complexity
qemu CWE-476
7.5
2019-05-22 CVE-2019-12247 Integer Overflow or Wraparound vulnerability in Qemu 3.0.0
QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files do not check the length of the argument list or the number of environment variables.
network
low complexity
qemu CWE-190
7.5