Vulnerabilities > Qemu > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-19 CVE-2024-8354 Reachable Assertion vulnerability in multiple products
A flaw was found in QEMU.
local
low complexity
redhat qemu CWE-617
5.5
2024-07-05 CVE-2024-6505 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the virtio-net device in QEMU.
network
low complexity
qemu redhat CWE-125
6.8
2024-04-10 CVE-2024-3567 Reachable Assertion vulnerability in multiple products
A flaw was found in QEMU.
local
low complexity
qemu redhat CWE-617
5.5
2024-01-12 CVE-2023-6683 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat CWE-476
6.5
2024-01-02 CVE-2023-6693 Out-of-bounds Write vulnerability in multiple products
A stack based buffer overflow was found in the virtio-net device of QEMU.
local
low complexity
qemu redhat fedoraproject CWE-787
5.3
2023-09-13 CVE-2023-3255 Infinite Loop vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat fedoraproject CWE-835
6.5
2023-09-13 CVE-2023-3301 Race Condition vulnerability in multiple products
A flaw was found in QEMU.
local
high complexity
qemu redhat CWE-362
5.6
2023-09-11 CVE-2023-42467 Divide By Zero vulnerability in Qemu
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256.
local
low complexity
qemu CWE-369
5.5
2023-08-14 CVE-2023-40360 NULL Pointer Dereference vulnerability in Qemu
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.
local
low complexity
qemu CWE-476
5.5
2023-08-04 CVE-2023-4135 Out-of-bounds Read vulnerability in multiple products
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU.
local
low complexity
qemu fedoraproject CWE-125
6.5