Vulnerabilities > Qemu > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-16 | CVE-2017-9503 | NULL Pointer Dereference vulnerability in multiple products QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | 1.9 |
| 2017-04-13 | CVE-2015-8345 | Resource Management Errors vulnerability in multiple products The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 2.1 |
| 2017-04-11 | CVE-2015-8613 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 1.9 |
| 2016-12-29 | CVE-2015-8701 | Off-by-one Error vulnerability in Qemu QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. | 2.1 |
| 2016-12-29 | CVE-2015-8743 | Out-of-bounds Read vulnerability in multiple products QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. | 3.6 |
| 2016-12-29 | CVE-2016-1922 | NULL Pointer Dereference vulnerability in multiple products QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. | 2.1 |
| 2016-12-29 | CVE-2016-2197 | NULL Pointer Dereference vulnerability in Qemu QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. | 2.1 |
| 2016-12-29 | CVE-2016-2198 | NULL Pointer Dereference vulnerability in multiple products QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. | 2.1 |
| 2016-12-29 | CVE-2016-9776 | Infinite Loop vulnerability in multiple products QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. | 2.1 |
| 2016-12-29 | CVE-2016-9845 | Information Exposure vulnerability in Qemu QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. | 2.1 |