Vulnerabilities > Qemu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-8354 | Reachable Assertion vulnerability in multiple products A flaw was found in QEMU. | 5.5 |
| 2024-07-05 | CVE-2024-6505 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the virtio-net device in QEMU. | 6.8 |
| 2024-04-10 | CVE-2024-3567 | Reachable Assertion vulnerability in multiple products A flaw was found in QEMU. | 5.5 |
| 2024-01-12 | CVE-2023-6683 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. | 6.5 |
| 2024-01-02 | CVE-2023-6693 | Out-of-bounds Write vulnerability in multiple products A stack based buffer overflow was found in the virtio-net device of QEMU. | 5.3 |
| 2023-09-13 | CVE-2023-3255 | Infinite Loop vulnerability in multiple products A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. | 6.5 |
| 2023-09-13 | CVE-2023-3301 | Race Condition vulnerability in multiple products A flaw was found in QEMU. | 5.6 |
| 2023-09-11 | CVE-2023-42467 | Divide By Zero vulnerability in Qemu QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. | 5.5 |
| 2023-08-14 | CVE-2023-40360 | NULL Pointer Dereference vulnerability in Qemu QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled. | 5.5 |
| 2023-08-04 | CVE-2023-4135 | Out-of-bounds Read vulnerability in multiple products A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. | 6.5 |