Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.1 vulnerabilities and exploits
(subscribe to this query)
418
VMScore
CVE-2013-1918
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and previous versions are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
436
VMScore
CVE-2015-4163
GNTTABOP_swap_grant_ref in Xen 4.2 up to and including 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.5.0
490
VMScore
CVE-2014-3967
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Xen Xen 4.2.3
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.4.0
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Xen Xen 4.3.0
Xen Xen 4.3.1
490
VMScore
CVE-2014-3968
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.2.0
Xen Xen 4.2.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Xen Xen 4.4.0
418
VMScore
CVE-2014-5149
Certain MMU virtualization operations in Xen 4.2.x up to and including 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Xen Xen 4.2.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.2.3
418
VMScore
CVE-2014-5146
Certain MMU virtualization operations in Xen 4.2.x up to and including 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, whic...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Xen Xen 4.3.0
Xen Xen 4.2.3
Xen Xen 4.3.1
Xen Xen 4.4.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
418
VMScore
CVE-2013-2078
Xen 4.0.2 up to and including 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction.
Xen Xen 4.2.0
Xen Xen 4.1.5
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 4.2.2
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.2.1
Xen Xen 4.1.0
Xen Xen 4.0.4
Xen Xen 4.1.2
Xen Xen 4.1.1
409
VMScore
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
463
VMScore
CVE-2013-4416
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
169
VMScore
CVE-2013-1952
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection...
Xen Xen 4.1.1
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
Xen Xen 4.1.4
Xen Xen 4.2.1
Xen Xen 4.1.3
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.0.4
Xen Xen 4.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »