Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.3.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4163
GNTTABOP_swap_grant_ref in Xen 4.2 up to and including 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.5.0
8.6
CVSSv3
CVE-2015-8555
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and previous versions do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vect...
Citrix Xenserver 6.0
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.6.0
Xen Xen 4.3.4
Xen Xen 4.3.3
Xen Xen 4.4.1
Xen Xen 4.4.0
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.3.0
Xen Xen 4.4.4
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.6.1
NA
CVE-2015-3259
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x up to and including 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
Xen Xen 4.4.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.1
Xen Xen 4.3.4
Xen Xen 4.5.0
Xen Xen 4.4.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.1.0
Xen Xen 4.2.1
Xen Xen 4.2.2
6.7
CVSSv3
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and previous versions allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Xen Xen 4.4.4
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.4.0
Xen Xen 4.4.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.6.1
Xen Xen 4.6.0
Xen Xen 4.4.2
Xen Xen 4.4.1
Xen Xen 4.3.0
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.4
Xen Xen 4.3.3
NA
CVE-2015-7311
libxl in Xen 4.1.x up to and including 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.2
Xen Xen 4.3.3
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.1
NA
CVE-2015-7969
Multiple memory leaks in Xen 4.0 up to and including 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the ...
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.0.0
Xen Xen 4.1.2
Xen Xen 4.1.3
NA
CVE-2015-8341
The libxl toolstack library in Xen 4.1.x up to and including 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows malicious users to cause a denial of service (memory and disk consu...
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 4.6.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.4
Xen Xen 4.2.5
Xen Xen 4.4.1
Xen Xen 4.4.2
Xen Xen 4.1.0
Xen Xen 4.1.6.1
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.3.2
Xen Xen 4.3.3
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.1.5
8.5
CVSSv3
CVE-2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x up to and including 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the...
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.1
Xen Xen 4.6.0
Xen Xen 4.5.2
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.3.0
Xen Xen 4.2.5
Xen Xen 4.1.6
Xen Xen 4.1.5
NA
CVE-2015-4104
Xen 3.3.x up to and including 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.1
NA
CVE-2015-7972
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x up to and including 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM g...
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »