Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2022-42331
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be att...
Xen Xen
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-24763
In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0.
Prestashop Xen Forum
4.7
CVSSv3
CVE-2022-27672
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
Amd Athlon X4 750 Firmware -
Amd Athlon X4 760k Firmware -
Amd Athlon X4 830 Firmware -
Amd Athlon X4 840 Firmware -
Amd Athlon X4 860k Firmware -
Amd Athlon X4 870k Firmware -
Amd Athlon X4 880k Firmware -
Amd Athlon X4 835 Firmware -
Amd Athlon X4 845 Firmware -
Amd Athlon X4 940 Firmware -
Amd Athlon X4 950 Firmware -
Amd Athlon X4 970 Firmware -
Amd Ryzen Threadripper Pro 5995wx Firmware -
Amd Ryzen Threadripper Pro 5975w Firmware -
Amd Ryzen Threadripper Pro 5965wx Firmware -
Amd Ryzen Threadripper Pro 5955wx Firmware -
Amd Ryzen Threadripper Pro 5945wx Firmware -
Amd Ryzen Threadripper 2990wx Firmware -
Amd Ryzen Threadripper 2970wx Firmware -
Amd Ryzen Threadripper 2950x Firmware -
Amd Ryzen Threadripper 2920x Firmware -
Amd Ryzen Threadripper 3960x Firmware -
1 Article
7.5
CVSSv3
CVE-2022-42330
Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any ot...
Xen Xen 4.17.0
NA
CVE-2022-23816
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.
1 Article
7.8
CVSSv3
CVE-2022-4378
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
5.5
CVSSv3
CVE-2022-42328
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free...
Linux Linux Kernel
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2022-42329
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free...
Linux Linux Kernel
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2022-3643
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux networ...
Linux Linux Kernel
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »