qemu-kvm-common (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package qemu-kvm-common, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2024-11697 — CVSS 8.8 (high): When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation…
CVE-2024-11699 — CVSS 8.8 (high): Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory…
CVE-2025-11234 — CVSS 7.5 (high): A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This…
CVE-2024-11694 — CVSS 6.1 (medium): Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google…
CVE-2024-11696 — CVSS 5.4 (medium): The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This…
CVE-2024-11695 — CVSS 5.4 (medium): A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential…
CVE-2024-11692 — CVSS 4.3 (medium): An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing…