CVEs (419)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Opensuse QemuRedhat4Leap OpenstackQemu+1 moreMay 6, 2026 Dec 10, 2016 N/A· v4 6.0 MEDIUM· v3 2.1 LOW· v2 The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descr...Show more |
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure t...Show more |
3Debian OpensuseQemu3Debian Linux LeapQemuMay 6, 2026 Dec 10, 2016 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to c...Show more |
The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via ve...Show more |
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect...Show more |
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor...Show more |
Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string. |
3Debian QemuRedhat4Debian Linux OpenstackQemu+1 moreMay 6, 2026 Dec 10, 2016 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation co...Show more |
The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr ob...Show more |
3Debian QemuRedhat3Debian Linux QemuVirtualizationMay 6, 2026 Dec 10, 2016 N/A· v4 6.0 MEDIUM· v3 2.1 LOW· v2 The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP heade...Show more |
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length f...Show more |
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging fa...Show more |
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descri...Show more |
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors...Show more |
3Debian OpensuseQemu3Debian Linux LeapQemuMay 6, 2026 Dec 9, 2016 N/A· v4 6.0 MEDIUM· v3 2.1 LOW· v2 Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. |
3Debian OpensuseQemu3Debian Linux LeapQemuMay 6, 2026 Dec 9, 2016 N/A· v4 6.0 MEDIUM· v3 2.1 LOW· v2 Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fi...Show more |
3Debian OpensuseQemu3Debian Linux LeapQemuMay 6, 2026 Dec 9, 2016 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash)...Show more |
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them. |
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number o...Show more |
3Debian OpensuseQemu3Debian Linux LeapQemuMay 6, 2026 Dec 9, 2016 N/A· v4 6.0 MEDIUM· v3 2.1 LOW· v2 Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC...Show more |