Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-2124
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H410c Firmware -
Netapp H410s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
7.8
CVSSv3
CVE-2022-42335
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for ...
Xen Xen 4.17.0
Fedoraproject Fedora 38
7.8
CVSSv3
CVE-2023-2007
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in t...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp Solidfire \\& Hci Management Node -
7.8
CVSSv3
CVE-2022-42332
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tab...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.8
CVSSv3
CVE-2022-4378
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
7.8
CVSSv3
CVE-2022-45934
An issue exists in the Linux kernel up to and including 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
Linux Linux Kernel
Fedoraproject Fedora 37
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-39189
An issue exists the x86 KVM subsystem in the Linux kernel prior to 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Linux Linux Kernel
Netapp Hci Baseboard Management Controller H300s
Netapp Hci Baseboard Management Controller H500s
Netapp Hci Baseboard Management Controller H700s
Netapp Hci Baseboard Management Controller H410s
Netapp Hci Baseboard Management Controller H410c
7.8
CVSSv3
CVE-2022-36123
The Linux kernel prior to 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2022-33743
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
Xen Xen -
Linux Linux Kernel
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-34918
An issue exists in the Linux kernel up to and including 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local malicious user to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root ac...
Linux Linux Kernel
Debian Debian Linux 11.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
10 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »