Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.5.2 vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2015-8555
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and previous versions do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vect...
Citrix Xenserver 6.0
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.6.0
Xen Xen 4.3.4
Xen Xen 4.3.3
Xen Xen 4.4.1
Xen Xen 4.4.0
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.3.0
Xen Xen 4.4.4
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.6.1
8.5
CVSSv3
CVE-2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x up to and including 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the...
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.1
Xen Xen 4.6.0
Xen Xen 4.5.2
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.3.0
Xen Xen 4.2.5
Xen Xen 4.1.6
Xen Xen 4.1.5
7.8
CVSSv3
CVE-2016-4805
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel prior to 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to...
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Opensuse Leap 42.1
Novell Suse Linux Enterprise Software Development Kit 11.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Server 12.0
Redhat Enterprise Linux 7.0
Oracle Linux 6
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Live Patching 12.0
7.5
CVSSv3
CVE-2017-10916
The vCPU context-switch implementation in Xen up to and including 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.8.1
Xen Xen 4.5.0
Xen Xen 4.6.2
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.7.1
Xen Xen 4.8.0
6.7
CVSSv3
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and previous versions allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Xen Xen 4.4.4
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.4.0
Xen Xen 4.4.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.6.1
Xen Xen 4.6.0
Xen Xen 4.4.2
Xen Xen 4.4.1
Xen Xen 4.3.0
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.4
Xen Xen 4.3.3
6.5
CVSSv3
CVE-2017-15591
An issue exists in Xen 4.5.x up to and including 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
Xen Xen 4.6.1
Xen Xen 4.6.3
Xen Xen 4.7.3
Xen Xen 4.8.0
Xen Xen 4.5.2
Xen Xen 4.5.3
Xen Xen 4.6.6
Xen Xen 4.7.0
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.8.1
Xen Xen 4.9.0
Xen Xen 4.5.5
Xen Xen 4.6.0
Xen Xen 4.7.1
Xen Xen 4.7.2
6.5
CVSSv3
CVE-2017-14318
An issue exists in Xen 4.5.x up to and including 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table i...
Xen Xen 4.5.0
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.8.0
Xen Xen 4.8.1
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.0
Xen Xen 4.7.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.9.0
6.5
CVSSv3
CVE-2017-12855
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances...
Xen Xen 4.8.0
Xen Xen 4.7.0
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.1
Xen Xen 4.6.6
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.5.0
Xen Xen 4.9.0
Xen Xen 4.8.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
6.3
CVSSv3
CVE-2016-1571
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x up to and including 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID...
Citrix Xenserver
Xen Xen 3.4.1
Xen Xen 3.4.0
Xen Xen 4.5.0
Xen Xen 4.4.3
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.4
Xen Xen 3.4.3
Xen Xen 3.4.2
Xen Xen 4.5.2
Xen Xen 4.5.1
Xen Xen 4.3.4
Xen Xen 4.2.3
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.2
6.2
CVSSv3
CVE-2016-6259
Xen 4.5.x up to and including 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Xen Xen 4.7.0
Xen Xen 4.6.3
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.6.0
Xen Xen 4.5.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
Citrix Xenserver 6.5.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »