Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenserver vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2012-4606
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.
Citrix Xenserver 4.1
Citrix Xenserver 5.0
Citrix Xenserver 5.5
Citrix Xenserver 5.6
Citrix Xenserver 6.0
7.2
CVSSv2
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Citrix Xenserver 6.2.0
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
6.1
CVSSv2
CVE-2014-3798
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and previous versions allows remote malicious users to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
Citrix Xenserver 6.2.0
Citrix Xenserver 6.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.1.0
5.5
CVSSv2
CVE-2017-5572
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can corrupt the host database.
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.2.0
Citrix Xenserver 6.0.2
4
CVSSv2
CVE-2017-5573
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
4.9
CVSSv2
CVE-2016-10024
Xen up to and including 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
Xen Xen
Citrix Xenserver 6.5
Citrix Xenserver 6.2.0
Citrix Xenserver 6.0.2
Citrix Xenserver 7.0
10
CVSSv2
CVE-2018-14007
Citrix XenServer 7.1 and newer allows Directory Traversal.
Citrix Xenserver 7.4
Citrix Xenserver 7.5
Citrix Xenserver 7.1
4.6
CVSSv2
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Xen Xen
Citrix Xenserver 7.1
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
Citrix Xenserver 7.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.2
CVSSv2
CVE-2017-12137
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
Xen Xen
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.9
CVSSv2
CVE-2018-19962
An issue exists in Xen up to and including 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
Xen Xen
Debian Debian Linux 9.0
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »