Vulnerabilities > Qemu > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-02 CVE-2018-16847 Out-of-bounds Write vulnerability in multiple products
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU.
local
low complexity
qemu canonical CWE-787
7.8
2018-10-09 CVE-2018-17962 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
network
low complexity
qemu suse debian canonical redhat oracle CWE-190
7.5
2018-10-09 CVE-2018-17958 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
network
low complexity
qemu canonical debian redhat CWE-190
7.5
2018-07-27 CVE-2017-2630 Stack-based Buffer Overflow vulnerability in Qemu
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support.
network
low complexity
qemu CWE-121
8.8
2018-07-27 CVE-2017-15119 Resource Exhaustion vulnerability in multiple products
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue.
network
low complexity
qemu canonical debian redhat CWE-400
8.6
2018-07-26 CVE-2017-7539 Reachable Assertion vulnerability in multiple products
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined.
network
low complexity
qemu redhat CWE-617
7.5
2018-06-21 CVE-2018-12617 Integer Overflow or Wraparound vulnerability in multiple products
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk.
network
low complexity
qemu canonical debian CWE-190
7.5
2018-06-13 CVE-2018-11806 Out-of-bounds Write vulnerability in multiple products
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
local
low complexity
qemu canonical redhat debian CWE-787
8.2
2018-04-26 CVE-2016-9602 Link Following vulnerability in multiple products
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS.
network
low complexity
qemu debian CWE-59
8.8
2018-03-01 CVE-2018-7550 Out-of-bounds Write vulnerability in multiple products
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
local
low complexity
qemu debian canonical redhat CWE-787
8.8