Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.5.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-8341
The libxl toolstack library in Xen 4.1.x up to and including 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows malicious users to cause a denial of service (memory and disk consu...
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.3
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.6
Xen Xen 4.2.5
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 4.3.4
Xen Xen 4.5.1
Xen Xen 4.2.4
Xen Xen 4.1.4
8.5
CVSSv3
CVE-2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x up to and including 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the...
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.6
Xen Xen 4.2.5
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 4.3.4
Xen Xen 4.5.1
6.3
CVSSv3
CVE-2016-1571
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x up to and including 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID...
Citrix Xenserver
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.1.6
Xen Xen 4.2.5
4.7
CVSSv3
CVE-2016-4963
The libxl device-handling in Xen up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.6.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.6
Xen Xen 4.5.3
NA
CVE-2015-8339
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Xen Xen 3.2.0
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 3.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.1.1
Xen Xen 4.2.0
NA
CVE-2015-8340
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handli...
Xen Xen 3.2.0
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 3.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.1.1
Xen Xen 4.2.0
5.5
CVSSv3
CVE-2017-14431
Memory leak in Xen 3.3 up to and including 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207.
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.5.5
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.6.4
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.7.1
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.4
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.4.0
7.8
CVSSv3
CVE-2016-4805
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel prior to 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to...
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Opensuse Leap 42.1
Novell Suse Linux Enterprise Software Development Kit 11.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Server 12.0
Redhat Enterprise Linux 7.0
Oracle Linux 6
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Live Patching 12.0
4.6
CVSSv3
CVE-2016-2187
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel up to and including 4.5.2 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Novell Suse Linux Enterprise Server 11
Novell Suse Linux Enterprise Debuginfo 11
Novell Suse Linux Enterprise Software Development Kit 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2