qemu

419 tracked vulnerabilities.

CVE-2025-54567 MEDIUM
QEMU < 10.0.3 - Incorrect VF Enable Bit Write Mask Handling
Jul 25, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-54566 MEDIUM
QEMU < 10.0.3 - Migration State Inconsistency in PCIe SRIOV
Jul 25, 2025
CVSS 4.2
EPSS 0.00
CVE-2024-7730 HIGH
QEMU < 9.1.0 - Heap-based Buffer Overflow in virtio-snd Input Callback
Nov 14, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-3447 MEDIUM
QEMU - Heap-based Buffer Overflow in SDHCI Device Emulation
Nov 14, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-6519 HIGH
QEMU - Use-After-Free in LSI53C895A SCSI Host Bus Adapter Emulation
Oct 21, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-8354 MEDIUM
QEMU - Denial of Service via USB Endpoint Assertion Failure
Sep 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-6505 MEDIUM
QEMU - Out-of-bounds Read in virtio-net RSS indirections_table
Jul 05, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-3567 MEDIUM
QEMU 8.1.0-8.2.3 - Denial of Service via SCTP Checksum Calculation
Apr 10, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-24474 HIGH
qemu < 8.2.0 - Integer Underflow and Buffer Overflow via TI Command in ESP DMA Transfer
Feb 20, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-26328 MEDIUM
QEMU 7.1.0-8.2.1 - Out-of-bounds Write in PCIe SRIOV Implementation
Feb 19, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-26327 MEDIUM
QEMU 7.1.0-8.2.1 - Heap-based Buffer Overflow via PCIe SRIOV NumVFs Write
Feb 19, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-6683 MEDIUM
QEMU 6.1.0-8.2.1 - Authenticated Denial of Service via VNC ClientCutText Message
Jan 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-6693 MEDIUM
QEMU < 8.2.1 - Stack-based Buffer Overflow in virtio-net TX Flush
Jan 02, 2024
CVSS 4.9
EPSS 0.00
CVE-2023-2861 MEDIUM
qemu < 8.1.0 - Improper Access Control via 9pfs Special File Handling
Dec 06, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-5088 MEDIUM
QEMU < 8.2.0 - Arbitrary Disk Offset Overwrite via Guest I/O Operation
Nov 03, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-3301 MEDIUM
QEMU < 8.0.3 - Denial of Service via Hot-Unplug Race Condition
Sep 13, 2023
CVSS 5.6
EPSS 0.00
CVE-2023-3255 MEDIUM
QEMU < 8.0.3 - Authenticated Denial of Service via VNC ClientCutText Message Handling
Sep 13, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-2680 HIGH
qemu-kvm <RHSA-2022:7967 - Privilege Escalation
Sep 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-42467 MEDIUM
QEMU < 8.0.0 - Denial of Service via Division by Zero in SCSI Disk Reset
Sep 11, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-40360 MEDIUM
QEMU 8.0.0-8.0.4 - NULL Pointer Dereference in NVMe Directive Receive
Aug 14, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4135 MEDIUM
QEMU 8.0.0-8.0.x - Heap Out-of-bounds Read in Virtual NVMe Device
Aug 04, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-3180 MEDIUM
QEMU < 8.1.0 - Heap-based Buffer Overflow in virtio_crypto_sym_op_helper
Aug 03, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-3019 MEDIUM
QEMU < 8.2.0 - Use-After-Free in e1000e NIC Emulation
Jul 24, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-1386 LOW
QEMU - Improper Preservation of Permissions in 9p Passthrough Filesystem
Jul 24, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-3354 HIGH
QEMU < 8.1.0 - Unauthenticated Denial of Service via VNC Server Connection Cleanup
Jul 11, 2023
CVSS 7.5
EPSS 0.00
Products
qemu 419
Quick Filters
Critical CVEs With Exploits In CISA KEV