Max CVSS | 5.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-16872 | 3.5 |
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the t
|
16-05-2023 - 10:48 | 13-12-2018 - 21:29 | |
CVE-2019-3812 | 2.1 |
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memo
|
12-02-2023 - 23:38 | 19-02-2019 - 14:29 | |
CVE-2019-6778 | 4.6 |
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
|
24-08-2020 - 17:37 | 21-03-2019 - 16:01 | |
CVE-2018-16867 | 4.4 |
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, thi
|
14-05-2020 - 15:24 | 12-12-2018 - 13:29 | |
CVE-2018-19489 | 1.9 |
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
|
12-05-2020 - 18:28 | 13-12-2018 - 19:29 | |
CVE-2018-20191 | 5.0 |
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
|
12-05-2020 - 18:02 | 20-12-2018 - 23:29 | |
CVE-2018-20124 | 2.1 |
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
|
12-05-2020 - 17:58 | 20-12-2018 - 23:29 | |
CVE-2018-20125 | 5.0 |
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
|
12-05-2020 - 17:53 | 20-12-2018 - 21:29 | |
CVE-2018-20126 | 2.1 |
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
|
12-05-2020 - 17:46 | 20-12-2018 - 21:29 | |
CVE-2018-20123 | 2.1 |
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
|
12-05-2020 - 17:45 | 17-12-2018 - 19:29 | |
CVE-2018-20216 | 5.0 |
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
|
12-05-2020 - 17:44 | 20-12-2018 - 21:29 |