| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12155 | 5.0 |
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
|
30-12-2020 - 20:15 | 24-05-2019 - 16:29 | |
| CVE-2019-9824 | 2.1 |
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
|
24-08-2020 - 17:37 | 03-06-2019 - 21:29 | |
| CVE-2018-20815 | 7.5 |
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
|
02-07-2019 - 23:15 | 31-05-2019 - 22:29 | |
| CVE-2019-5008 | 5.0 |
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.
|
14-05-2019 - 20:29 | 19-04-2019 - 19:29 |