Qemu Security Vulnerabilities (CVEs)
Track 17 security vulnerabilities affecting Qemu products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in QEMU's PCIe Single Root I/O Virtualization (SR-IOV) implementation allows attackers with guest VM access to potentially manipula...
Jul 25, 2025A heap buffer overflow vulnerability in QEMU's virtio-snd device allows attackers to write beyond allocated memory boundaries when processing audio in...
Nov 14, 2024A use-after-free vulnerability in QEMU's LSI53C895A SCSI Host Bus Adapter emulation allows attackers to cause a denial of service or potentially escap...
Oct 21, 2024A vulnerability in QEMU's USB endpoint handling allows unprivileged guest users to trigger an assertion failure, crashing the QEMU process on the host...
Sep 19, 2024A heap overflow vulnerability in QEMU's virtio-net device allows privileged guest users to crash the host QEMU process by manipulating RSS indirection...
Jul 5, 2024This CVE describes an integer underflow and buffer overflow vulnerability in QEMU's SCSI emulation (esp.c). Attackers can exploit this to execute arbi...
Feb 20, 2024CVE-2023-2680 is a use-after-free vulnerability in qemu-kvm virtualization software that occurs due to an incomplete fix for CVE-2021-3750. This allow...
Sep 13, 2023This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed in a guest OS could crash the host QEMU process and...
Aug 22, 2023This vulnerability allows a local unprivileged user on Windows systems running QEMU Guest Agent to manipulate the installer's repair custom actions, l...
Mar 29, 2023This vulnerability in QEMU's VMWare paravirtual RDMA device allows a malicious guest VM driver to allocate excessive page tables, potentially causing ...
Mar 23, 2023CVE-2022-35414 is an uninitialized read vulnerability in QEMU's memory management component that can lead to crashes when handling I/O operations. Thi...
Jul 11, 2022A DMA reentrancy vulnerability in QEMU's USB EHCI controller emulation allows malicious guests to write crafted data to controller registers during pa...
May 2, 2022This vulnerability in QEMU's QXL display device emulation allows a malicious privileged guest user to trigger an integer overflow and subsequent heap ...
Apr 29, 2022A memory leak vulnerability in QEMU's virtio-net device occurs when cached virtqueue elements aren't unmapped during error conditions. This flaw affec...
Mar 16, 2022This vulnerability allows a malicious guest user in QEMU virtual machines to perform out-of-bounds writes in the UAS device emulation, potentially lea...
Aug 25, 2021This vulnerability in QEMU's USB redirector device emulation allows a malicious SPICE client to trigger a heap corruption when packet queues fill duri...
Aug 5, 2021This vulnerability allows a privileged guest user in QEMU virtual machines to trigger an out-of-bounds write in the virtio vhost-user GPU device. It c...
Jun 2, 2021Why Monitor Qemu Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 17+ known vulnerabilities affecting Qemu products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Qemu packages in under 60 seconds. No agents required - completely agentless scanning that works across Qemu deployments.
Free vulnerability database: Access detailed information about every Qemu CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Qemu CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
