Shodan
Vulnerabilities
Vulnerable Software
Qemu:  Security Vulnerabilities
CVE-2019-5008
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.
CVSS Score
7.5
EPSS Score
0.012
Published
2019-04-19
CVE-2019-8934
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
CVSS Score
3.3
EPSS Score
0.001
Published
2019-03-21
CVE-2019-6778
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-03-21
CVE-2019-6501
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-03-21
CVE-2018-18849
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-03-21
CVE-2019-3812
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-02-19
CVE-2018-20124
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-12-20
CVE-2018-20191
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
CVSS Score
7.5
EPSS Score
0.016
Published
2018-12-20
CVE-2018-20216
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
CVSS Score
7.5
EPSS Score
0.028
Published
2018-12-20
CVE-2018-20125
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
CVSS Score
7.5
EPSS Score
0.017
Published
2018-12-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved