All 77 CVE vulnerabilities found in QEMU, with AI-generated Chinese analysis, references, and POCs.
This page aggregates known security weaknesses for the QEMU virtualization product under the Common Weakness Enumeration classification. It serves as a centralized reference point for developers, security researchers, and system administrators seeking to understand the historical and current threat landscape associated with this open-source emulator. The content compiled here encompasses a broad spectrum of vulnerability types, including buffer overflows, race conditions, input validation errors, and improper privilege management issues identified in various QEMU releases. The time range covered spans from the early inception of the project through to recent developments, ensuring that both legacy concerns and modern security challenges are documented. This extensive timeline allows for a comprehensive analysis of how the codebase has evolved in response to discovered flaws. Readers can utilize this resource to track vendor advisories issued by the QEMU maintainers and upstream contributors, providing context on how specific issues were addressed. The page facilitates the understanding of specific weakness classes within the context of virtualization software, helping users identify patterns in recurring bugs. Additionally, it offers a detailed look up of the product's vulnerability history, enabling stakeholders to assess risk profiles over time and make informed decisions regarding patch management and security hardening. This structured approach supports better integration of security best practices into deployment pipelines and auditing processes.
Vendor: qemu
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-10717 | QEMU 资源管理错误漏洞 CWE-770 | 3.3 | Low | 2020-05-04 |
| CVE-2020-1711 | QEMU iSCSI Block驱动程序缓冲区错误漏洞 CWE-122 | 7.7 | High | 2020-02-11 |
| CVE-2013-4535 | QEMU 输入验证错误漏洞 | 8.8 | - | 2020-02-11 |
| CVE-2014-0148 | QEMU 安全漏洞 | 5.5 | - | 2020-02-11 |
| CVE-2014-0147 | QEMU 输入验证错误漏洞 | 6.2 | - | 2020-02-11 |
| CVE-2015-6815 | QEMU 安全漏洞 | 4.3 | - | 2020-01-31 |
| CVE-2015-5239 | QEMU 跨站请求伪造漏洞 | 4.9 | - | 2020-01-23 |
| CVE-2015-5278 | QEMU 安全漏洞 | 6.5 | - | 2020-01-23 |
| CVE-2015-5745 | QEMU 缓冲区错误漏洞 | 6.5 | - | 2020-01-23 |
| CVE-2013-4532 | QEMU 缓冲区错误漏洞 | 6.7 | - | 2020-01-02 |
| CVE-2019-3812 | QEMU 缓冲区错误漏洞 CWE-119 | 5.5 | - | 2019-02-19 |
| CVE-2017-15118 | QEMU 缓冲区错误漏洞 CWE-121 | 9.8 | - | 2018-07-27 |
| CVE-2017-15119 | QEMU 安全漏洞 CWE-400 | 7.5 | - | 2018-07-27 |
| CVE-2017-7539 | QEMU 输入验证错误漏洞 CWE-617 | 7.5 | - | 2018-07-26 |
| CVE-2016-9602 | QEMU 权限许可和访问控制漏洞 CWE-59 | 8.8 | - | 2018-04-26 |
| CVE-2017-15124 | QEMU 输入验证错误漏洞 CWE-770 | 7.5 | - | 2018-01-09 |
| CVE-2017-7493 | QEMU 访问控制错误漏洞 | 7.8 | - | 2017-05-17 |
All 77 known CVE vulnerabilities affecting QEMU with full Chinese analysis, references, and POCs where available.