Shodan
Vulnerabilities
Vulnerable Software
Qemu:  Security Vulnerabilities
CVE-2017-7718
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-04-20
CVE-2015-8345
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-04-13
CVE-2015-8567
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.7
EPSS Score
0.048
Published
2017-04-13
CVE-2015-8619
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVSS Score
7.5
EPSS Score
0.033
Published
2017-04-13
CVE-2015-8504
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVSS Score
6.5
EPSS Score
0.041
Published
2017-04-11
CVE-2015-8568
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-04-11
CVE-2015-8613
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-04-11
CVE-2015-8666
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.
CVSS Score
7.9
EPSS Score
0.001
Published
2017-04-11
CVE-2017-7377
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
CVSS Score
6.0
EPSS Score
0.001
Published
2017-04-10
CVE-2016-9922
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved