CVE-2015-6815
- EPSS 2.25%
- Published 31.01.2020 22:15:11
- Last modified 21.11.2024 02:35:42
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecifie...
CVE-2015-5745
- EPSS 1.92%
- Published 23.01.2020 20:15:12
- Last modified 21.11.2024 02:33:45
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVE-2015-5239
- EPSS 5.06%
- Published 23.01.2020 20:15:11
- Last modified 21.11.2024 02:32:37
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
CVE-2015-5278
- EPSS 1.85%
- Published 23.01.2020 20:15:11
- Last modified 21.11.2024 02:32:42
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
CVE-2020-7211
- EPSS 0.5%
- Published 21.01.2020 17:15:12
- Last modified 21.11.2024 05:36:50
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
CVE-2020-7039
- EPSS 1.02%
- Published 16.01.2020 23:15:12
- Last modified 21.11.2024 05:36:32
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute ...
CVE-2013-4532
- EPSS 0.17%
- Published 02.01.2020 16:15:11
- Last modified 21.11.2024 01:55:45
QEMU 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
CVE-2019-20175
- EPSS 0.54%
- Published 31.12.2019 04:15:10
- Last modified 21.11.2024 04:38:09
An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful ...
CVE-2013-2016
- EPSS 0.07%
- Published 30.12.2019 22:15:11
- Last modified 21.11.2024 01:50:52
A flaw was found in the way QEMU v1.3.0 and later (virtio-rng) validates addresses when a guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use ...
CVE-2019-12068
- EPSS 0.1%
- Published 24.09.2019 20:15:11
- Last modified 21.11.2024 04:22:10
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read ne...