Vulnerabilities > Qemu > Low

DATE CVE VULNERABILITY TITLE RISK
2021-01-26 CVE-2020-29443 Out-of-bounds Read vulnerability in multiple products
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
local
high complexity
qemu debian CWE-125
3.9
2020-12-31 CVE-2020-11947 Out-of-bounds Read vulnerability in Qemu 4.1.0
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
local
low complexity
qemu CWE-125
3.8
2020-12-02 CVE-2020-25723 Reachable Assertion vulnerability in multiple products
A reachable assertion issue was found in the USB EHCI emulation code of QEMU.
local
low complexity
qemu debian CWE-617
3.2
2020-10-16 CVE-2020-24352 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu
An issue was discovered in QEMU through 5.1.0.
local
low complexity
qemu CWE-119
2.1
2020-10-06 CVE-2020-25742 NULL Pointer Dereference vulnerability in Qemu
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
local
low complexity
qemu CWE-476
2.1
2020-10-06 CVE-2020-25743 NULL Pointer Dereference vulnerability in multiple products
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
local
low complexity
qemu redhat CWE-476
2.1
2020-10-02 CVE-2020-25741 NULL Pointer Dereference vulnerability in Qemu 5.0.0
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
local
low complexity
qemu CWE-476
2.1
2020-09-25 CVE-2020-25084 Use After Free vulnerability in multiple products
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
local
low complexity
qemu debian CWE-416
2.1
2020-08-31 CVE-2020-12829 Integer Overflow or Wraparound vulnerability in multiple products
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation.
local
low complexity
qemu canonical debian CWE-190
2.1
2020-08-27 CVE-2020-14415 Divide By Zero vulnerability in multiple products
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.
local
low complexity
qemu canonical CWE-369
3.3