| Max CVSS | 6.8 | Min CVSS | 2.7 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-20382 | 2.7 |
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
|
24-01-2023 - 02:11 | 05-03-2020 - 19:15 | |
| CVE-2020-1711 | 6.0 |
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_s
|
05-04-2022 - 14:49 | 11-02-2020 - 20:15 | |
| CVE-2020-8608 | 6.8 |
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
|
14-02-2021 - 03:50 | 06-02-2020 - 17:15 | |
| CVE-2020-7039 | 6.8 |
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute
|
14-02-2021 - 03:50 | 16-01-2020 - 23:15 | |
| CVE-2019-6778 | 4.6 |
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
|
24-08-2020 - 17:37 | 21-03-2019 - 16:01 | |
| CVE-2019-15034 | 4.4 |
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
|
28-05-2020 - 23:15 | 10-03-2020 - 18:15 |