Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-15124 | 7.8 |
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VN
|
12-02-2023 - 23:28 | 09-01-2018 - 21:29 | |
CVE-2019-20382 | 2.7 |
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
|
24-01-2023 - 02:11 | 05-03-2020 - 19:15 | |
CVE-2020-14364 | 4.4 |
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
|
16-11-2022 - 14:06 | 31-08-2020 - 18:15 | |
CVE-2018-11806 | 7.2 |
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
|
04-08-2021 - 17:15 | 13-06-2018 - 16:29 | |
CVE-2020-8608 | 6.8 |
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
|
14-02-2021 - 03:50 | 06-02-2020 - 17:15 | |
CVE-2020-7039 | 6.8 |
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute
|
14-02-2021 - 03:50 | 16-01-2020 - 23:15 | |
CVE-2020-14364 | 4.4 |
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
|
30-09-2020 - 18:15 | 31-08-2020 - 18:15 | |
CVE-2019-14378 | 6.5 |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
|
24-08-2020 - 17:37 | 29-07-2019 - 11:15 | |
CVE-2019-6501 | 2.1 |
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
|
06-08-2019 - 17:15 | 21-03-2019 - 16:01 | |
CVE-2018-20815 | 7.5 |
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
|
02-07-2019 - 23:15 | 31-05-2019 - 22:29 |