Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 3.3.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1917
Xen 3.1 up to and including 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handl...
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 3.3.0
Xen Xen 3.4.3
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen 3.2.1
Xen Xen 3.4.4
Xen Xen 3.4.1
Xen Xen 4.0.0
Xen Xen 4.1.4
Xen Xen 3.2.2
Xen Xen 3.2.0
NA
CVE-2012-5513
The XENMEM_exchange handler in Xen 4.2 and previous versions does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.0.4
Xen Xen 3.4.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 3.0.3
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen
Xen Xen 3.3.1
Xen Xen 3.0.2
Xen Xen 3.4.2
Xen Xen 3.4.1
NA
CVE-2012-5514
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and previous versions does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
Xen Xen
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.4
Xen Xen 3.0.3
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.0
Xen Xen 3.4.3
Xen Xen 3.3.2
Xen Xen 3.2.3
Xen Xen 3.0.2
Xen Xen 4.1.3
NA
CVE-2012-5515
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and previous versions allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 3.2.2
Xen Xen 3.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.0
Xen Xen 3.1.3
Xen Xen 3.0.4
Xen Xen
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.0
NA
CVE-2013-1920
Xen 4.2.x, 4.1.x, and previous versions, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free ...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.1
Xen Xen 3.2.3
Xen Xen 3.1.3
Xen Xen 3.0.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.2.2
Xen Xen 3.1.4
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 3.2.0
Xen Xen 3.0.4
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.4.4
Xen Xen 3.4.1
NA
CVE-2015-4104
Xen 3.3.x up to and including 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.1
NA
CVE-2010-3699
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, ...
Citrix Xen 3.3.0
Citrix Xen 3.0.2
Citrix Xen 3.2.3
Citrix Xen 3.3.1
Citrix Xen 3.0.4
Citrix Xen 3.1.3
Citrix Xen 3.3.2
Citrix Xen 3.4.0
Citrix Xen 3.0.3
Citrix Xen 3.2.1
Citrix Xen 3.2.2
Citrix Xen 3.4.3
Citrix Xen 3.1.4
Citrix Xen 3.2.0
Citrix Xen 3.4.1
Citrix Xen 3.4.2
NA
CVE-2015-4103
Xen 3.3.x up to and including 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning mult...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.3.0
Xen Xen 3.4.4
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
NA
CVE-2015-4105
Xen 3.3.x up to and including 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.3.0
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
NA
CVE-2015-2150
Xen 3.3.x up to and including 4.5.x and the Linux kernel up to and including 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or...
Ubuntu Ubuntu 12.04
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.4.1
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 3.3.1
Xen Xen 3.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »