| Max CVSS | 7.8 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-7550 | 4.6 |
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or
|
30-01-2024 - 22:15 | 01-03-2018 - 17:29 | |
| CVE-2017-15124 | 7.8 |
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VN
|
12-02-2023 - 23:28 | 09-01-2018 - 21:29 | |
| CVE-2017-5715 | 1.9 |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
16-08-2021 - 09:15 | 04-01-2018 - 13:29 | |
| CVE-2017-15289 | 2.1 |
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
|
10-11-2020 - 18:53 | 16-10-2017 - 18:29 | |
| CVE-2017-17381 | 2.1 |
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
|
10-11-2020 - 18:19 | 07-12-2017 - 02:29 | |
| CVE-2017-16845 | 6.4 |
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
|
10-09-2020 - 17:42 | 17-11-2017 - 20:29 | |
| CVE-2018-5683 | 2.1 |
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
|
14-05-2020 - 14:14 | 23-01-2018 - 18:29 | |
| CVE-2017-15119 | 5.0 |
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client
|
09-10-2019 - 23:24 | 27-07-2018 - 16:29 | |
| CVE-2017-15268 | 5.0 |
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.
|
03-10-2019 - 00:03 | 12-10-2017 - 15:29 | |
| CVE-2017-18043 | 2.1 |
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
|
07-03-2019 - 15:01 | 31-01-2018 - 20:29 | |
| CVE-2017-15038 | 1.9 |
Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.
|
07-09-2018 - 10:29 | 10-10-2017 - 01:30 |