Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Qemu Subscribe
Filtered by product Qemu
Total 392 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6227 1 Qemu 1 Qemu 2018-10-15 7.2 HIGH N/A
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com.
CVE-2017-15038 1 Qemu 1 Qemu 2018-09-07 1.9 LOW 5.6 MEDIUM
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.
CVE-2014-3471 1 Qemu 1 Qemu 2018-01-31 2.1 LOW 5.5 MEDIUM
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.
CVE-2008-2004 1 Qemu 1 Qemu 2017-09-28 4.9 MEDIUM N/A
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
CVE-2017-8380 1 Qemu 1 Qemu 2017-09-05 7.5 HIGH 9.8 CRITICAL
Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2008-5714 1 Qemu 1 Qemu 2017-08-07 7.8 HIGH N/A
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
CVE-2008-4553 2 Debian, Qemu 2 Debian Linux, Qemu 2017-08-07 7.2 HIGH N/A
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
CVE-2015-8556 1 Qemu 1 Qemu 2017-03-27 10.0 HIGH 10.0 CRITICAL
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
CVE-2013-4375 2 Qemu, Xen 2 Qemu, Xen 2017-01-06 2.7 LOW N/A
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
CVE-2015-4037 1 Qemu 1 Qemu 2016-12-23 1.9 LOW N/A
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
CVE-2014-5263 1 Qemu 1 Qemu 2014-11-18 6.8 MEDIUM N/A
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors.
CVE-2013-4377 1 Qemu 1 Qemu 2014-03-05 2.3 LOW N/A
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.