Max CVSS | 6.5 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-5126 | 4.6 |
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
|
12-02-2023 - 23:23 | 01-06-2016 - 22:59 | |
CVE-2019-13164 | 4.6 |
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
|
06-10-2022 - 19:51 | 03-07-2019 - 14:15 | |
CVE-2016-5403 | 4.9 |
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
|
04-08-2021 - 17:15 | 02-08-2016 - 16:59 | |
CVE-2019-12155 | 5.0 |
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
|
30-12-2020 - 20:15 | 24-05-2019 - 16:29 | |
CVE-2017-9375 | 1.9 |
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
|
10-11-2020 - 17:47 | 16-06-2017 - 22:29 | |
CVE-2019-14378 | 6.5 |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
|
24-08-2020 - 17:37 | 29-07-2019 - 11:15 | |
CVE-2019-12068 | 2.1 |
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read ne
|
26-07-2020 - 14:15 | 24-09-2019 - 20:15 | |
CVE-2019-15890 | 5.0 |
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
|
20-09-2019 - 11:15 | 06-09-2019 - 17:15 |