Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 3.2.2 vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2012-5513
The XENMEM_exchange handler in Xen 4.2 and previous versions does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.0.4
Xen Xen 3.4.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 3.0.3
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen
Xen Xen 3.3.1
Xen Xen 3.0.2
Xen Xen 3.4.2
Xen Xen 3.4.1
4.7
CVSSv2
CVE-2012-5514
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and previous versions does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
Xen Xen
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.4
Xen Xen 3.0.3
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.0
Xen Xen 3.4.3
Xen Xen 3.3.2
Xen Xen 3.2.3
Xen Xen 3.0.2
Xen Xen 4.1.3
4.7
CVSSv2
CVE-2012-5515
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and previous versions allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 3.2.2
Xen Xen 3.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.0
Xen Xen 3.1.3
Xen Xen 3.0.4
Xen Xen
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.0
4.4
CVSSv2
CVE-2013-1920
Xen 4.2.x, 4.1.x, and previous versions, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free ...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.1
Xen Xen 3.2.3
Xen Xen 3.1.3
Xen Xen 3.0.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.2.2
Xen Xen 3.1.4
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 3.2.0
Xen Xen 3.0.4
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.4.4
Xen Xen 3.4.1
2.7
CVSSv2
CVE-2010-3699
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, ...
Citrix Xen 3.3.0
Citrix Xen 3.0.2
Citrix Xen 3.2.3
Citrix Xen 3.3.1
Citrix Xen 3.0.4
Citrix Xen 3.1.3
Citrix Xen 3.3.2
Citrix Xen 3.4.0
Citrix Xen 3.0.3
Citrix Xen 3.2.1
Citrix Xen 3.2.2
Citrix Xen 3.4.3
Citrix Xen 3.1.4
Citrix Xen 3.2.0
Citrix Xen 3.4.1
Citrix Xen 3.4.2
2.1
CVSSv2
CVE-2015-2044
The emulation routines for unspecified X86 devices in Xen 3.2.x up to and including 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
Xen Xen 4.4.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
2.1
CVSSv2
CVE-2015-7971
Xen 3.2.x up to and including 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properl...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
1.9
CVSSv2
CVE-2014-8595
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 up to and including 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far...
Debian Debian Linux 7.0
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.4.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.2.3
Xen Xen 3.3.0
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
4.9
CVSSv2
CVE-2015-4164
The compat_iret function in Xen 3.1 up to and including 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.
Xen Xen 3.1.3
Xen Xen 3.1.4
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.4.0
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
6.1
CVSSv2
CVE-2010-4255
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and previous versions on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial ...
Citrix Xen 3.1.3
Citrix Xen 3.1.4
Citrix Xen 3.2.2
Citrix Xen 3.3.2
Citrix Xen 3.0.2
Citrix Xen 3.0.4
Citrix Xen 3.3.1
Citrix Xen 3.4.1
Citrix Xen 3.2.0
Citrix Xen 3.2.1
Citrix Xen 3.1.2
Citrix Xen 3.2.3
Citrix Xen 3.4.2
Citrix Xen 4.0.0
Citrix Xen
Citrix Xen 3.0.3
Citrix Xen 3.3.0
Citrix Xen 3.4.0
Citrix Xen 3.4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »