CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 6 days ago•14 views

CVE-2026-3195

CVE-2026-3195 : In QEMU’s virtio-snd, the heap buffer overflow occurs in the input callback (virtio_snd_pcm_in_cb) due to an incomplete bounds/iov check. The Attackerkb entry reiterates that the function does not verify whether the iov can fit the data buffer, enabling a heap out-of-bounds write....

Cvelist•added 6 days ago•29 views

CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)

7.4CVSS0.00112EPSS

ATTACKERKB•added 6 days ago•6 views

CVE-2026-3195

Exploits0References3Affected Software6

CVE•added 6 days ago•41 views

CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

Debian CVE•added 6 days ago•4 views

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

Tenable Nessus•added 2026/06/14 12:0 a.m.•5 views

Exploits0

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2026:2385-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2385-1 advisory. - CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when...

7.4CVSS7.4AI score0.00114EPSS

Exploits1References14

SUSE Linux•added 2026/06/12 1:54 p.m.•14 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. CVE-2026-2243: incorrect bounds check leads to heap...

8.8CVSS6.7AI score0.00143EPSS

Exploits1References26

OSV•added 2026/06/12 1:54 p.m.•4 views

SUSE-SU-2026:2386-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to hea...

7.4CVSS6.7AI score0.00143EPSS

Exploits1References14

OSV•added 2026/05/28 2:52 p.m.•4 views

SUSE-SU-2026:21912-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

7.4CVSS6.9AI score0.00143EPSS

Exploits1References13

OSV•added 2026/04/20 10:24 a.m.•5 views

SUSE-SU-2026:21354-1 Security update for qemu

This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest bsc1259079. - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...

7.4CVSS7.5AI score0.00114EPSS

Exploits1References7

OSV•added 2026/04/20 10:24 a.m.•3 views

OPENSUSE-SU-2026:20567-1 Security update for qemu

7.4CVSS6AI score0.00114EPSS

Exploits1References6

Tenable Nessus•added 2026/04/13 12:0 a.m.•12 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : QEMU vulnerabilities (USN-8161-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8161-1 advisory. It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the...

8.2CVSS8.5AI score0.0025EPSS

Exploits1References6

OSV•added 2026/04/11 2:3 p.m.•3 views

OESA-2026-1847 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer,...

OSV•added 2026/04/11 2:3 p.m.•4 views

OESA-2026-1846 qemu security update

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1845 qemu security update

OSV•added 2026/04/09 2:22 p.m.•4 views

USN-8161-1 qemu vulnerabilities

It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-6519 It was discovered...

8.2CVSS6.1AI score0.0025EPSS

Exploits1References6

OSV•added 2026/03/03 12:0 a.m.•2 views

UBUNTU-CVE-2026-3196

RedhatCVE•added 2026/03/02 5:13 p.m.•5 views

Exploits0References4

CVE-2026-3196

Tenable Nessus•added 2026/01/22 12:0 a.m.•5 views

Azure Linux 3.0 Security Update: qemu (CVE-2024-7730)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7730 advisory. - A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio- snd...

7.8CVSS5.9AI score0.00273EPSS