Browse all 4 CVE security advisories affecting The QEMU Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
QEMU is an open-source machine emulator and virtualizer primarily used for running operating systems and applications in virtual environments. Historically, QEMU has been vulnerable to classes including remote code execution, privilege escalation, and denial-of-service, often through flaws in device emulation or virtual hardware. The project maintains a security-focused development model, though it has faced notable incidents like the 2019 "virtio-fs" vulnerability (CVE-2019-3886) that allowed privilege escalation, and the 2022 "e1000" flaw (CVE-2022-3160) enabling denial-of-service. With four current CVEs, QEMU continues to address security challenges in its complex emulation codebase while supporting diverse virtualization use cases from development to cloud infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-10702 | QEMU 安全漏洞 — qemuCWE-325 | 5.5 | Medium | 2020-06-04 |
| CVE-2020-10717 | QEMU 资源管理错误漏洞 — QEMUCWE-770 | 3.3 | Low | 2020-05-04 |
| CVE-2019-3812 | QEMU 缓冲区错误漏洞 — qemuCWE-119 | 5.5 | - | 2019-02-19 |
| CVE-2018-10839 | QEMU 输入验证错误漏洞 — Qemu-kvmCWE-121 | 5.5 | - | 2018-10-16 |
This page lists every published CVE security advisory associated with The QEMU Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.