Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.0.0 vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2012-4538
The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors.
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
169
VMScore
CVE-2012-2934
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonica...
Xen Xen 4.0.0
Xen Xen 4.1.0
436
VMScore
CVE-2012-3433
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.
Xen Xen 4.0.0
Xen Xen 4.1.0
187
VMScore
CVE-2012-3494
The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 de...
Citrix Xenserver
Xen Xen 4.0.0
Xen Xen 4.1.0
Xen Xen 4.2.0
418
VMScore
CVE-2012-3496
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_de...
Xen Xen 4.0.0
Xen Xen 4.1.0
Xen Xen 4.2.0
Citrix Xenserver
543
VMScore
CVE-2012-5634
Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt.
Xen Xen 4.1.3
Xen Xen 4.1.2
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.0.0
Xen Xen 4.2.1
Xen Xen 4.1.1
Xen Xen 4.1.0
187
VMScore
CVE-2012-4539
Xen 4.0 up to and including 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infin...
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 4.0.3
Xen Xen 4.0.2
418
VMScore
CVE-2012-5510
Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.1
Xen Xen 4.0.0
418
VMScore
CVE-2012-5511
Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 up to and including 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.
Xen Xen 3.4.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.1.0
Xen Xen 3.4.4
Xen Xen 4.0.0
169
VMScore
CVE-2012-3432
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash...
Xen Xen 3.3.0
Xen Xen 4.1.1
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.2
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
Xen Xen 4.0.4
Xen Xen 4.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »