High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-02	CVE-2018-16847	Out-of-bounds Write vulnerability in multiple products An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. local low complexity qemu canonical CWE-787	7.8
2018-10-09	CVE-2018-17962	Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. network low complexity qemu suse debian canonical redhat oracle CWE-190	7.5
2018-10-09	CVE-2018-17958	Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. network low complexity qemu canonical debian redhat CWE-190	7.5
2018-07-27	CVE-2017-2630	Stack-based Buffer Overflow vulnerability in Qemu A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. network low complexity qemu CWE-121	8.8
2018-07-27	CVE-2017-15119	Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. network low complexity qemu canonical debian redhat CWE-400	8.6
2018-07-26	CVE-2017-7539	Reachable Assertion vulnerability in multiple products An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. network low complexity qemu redhat CWE-617	7.5
2018-06-21	CVE-2018-12617	Integer Overflow or Wraparound vulnerability in multiple products qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. network low complexity qemu canonical debian CWE-190	7.5
2018-06-13	CVE-2018-11806	Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. local low complexity qemu canonical redhat debian CWE-787	8.2
2018-04-26	CVE-2016-9602	Link Following vulnerability in multiple products Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. network low complexity qemu debian CWE-59	8.8
2018-03-01	CVE-2018-7550	Out-of-bounds Write vulnerability in multiple products The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. local low complexity qemu debian canonical redhat CWE-787	8.8