Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenserver 6.0.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2014-3798
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and previous versions allows remote malicious users to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.1.0
4.9
CVSSv3
CVE-2017-5573
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
6.5
CVSSv3
CVE-2017-5572
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can corrupt the host database.
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
8.8
CVSSv3
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
6
CVSSv3
CVE-2016-10024
Xen up to and including 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
8.8
CVSSv3
CVE-2017-12137
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.2
CVSSv3
CVE-2016-6259
Xen 4.5.x up to and including 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Xen Xen 4.6.0
Xen Xen 4.7.0
Xen Xen 4.6.3
Xen Xen 4.5.2
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.5.1
Xen Xen 4.5.0
Citrix Xenserver 6.5.0
Citrix Xenserver 7.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.1
5.5
CVSSv3
CVE-2016-10025
VMFUNC emulation in Xen 4.6.x up to and including 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
Xen Xen 4.6.0
Xen Xen 4.7.0
Xen Xen 4.6.4
Xen Xen 4.6.3
Xen Xen 4.7.1
Xen Xen 4.6.1
Xen Xen 4.8.0
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
NA
CVE-2012-3495
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and previous versions uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to ...
Xen Xen 4.1.2
Citrix Xenserver 5.5
Citrix Xenserver
Citrix Xenserver 6.0
Xen Xen 4.1.1
Xen Xen 4.1.0
Citrix Xenserver 5.6
Xen Xen 4.1.3
Citrix Xenserver 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »