Vulnerabilities > Qemu > Medium

DATE | CVE | VULNERABILITY TITLE | RISK

2014-04-18 | CVE-2014-0150 | Numeric Errors vulnerability in multiple products | 4.9
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

2012-06-21 | CVE-2011-0011 | Improper Authentication vulnerability in Qemu | 4.3
qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.
high complexity | qemu | CWE-287

2008-12-24 | CVE-2008-2382 | Resource Management Errors vulnerability in multiple products | 5.0
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
network | low complexity | qemu kvm-qumranet | CWE-399

2008-05-12 | CVE-2008-2004 | Information Exposure vulnerability in Qemu 0.9.1 | 4.9
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
local | low complexity | qemu | CWE-200

2008-03-03 | CVE-2008-0928 | Permissions, Privileges, and Access Controls vulnerability in Qemu | 4.7
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
local | qemu | CWE-264