Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-8339
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.4.2
Xen Xen 4.4.3
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 3.2.1
Xen Xen 3.2.0
Xen Xen 4.1.6
Xen Xen 4.1.6.1
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.0.3
Xen Xen 4.0.4
5.5
CVSSv3
CVE-2017-14431
Memory leak in Xen 3.3 up to and including 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207.
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.4.2
Xen Xen 4.5.5
Xen Xen 4.6.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6
Xen Xen 4.1.6.1
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.3
4.4
CVSSv3
CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x up to and including 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a s...
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.2.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.0.4
Xen Xen 3.4.2
Xen Xen 3.4.1
Xen Xen 3.2.1
Xen Xen 3.2.0
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.1.6.1
Xen Xen 4.1.6
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.2
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.2.5
Xen Xen 4.2.4
NA
CVE-2015-3340
Xen 4.2.x up to and including 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.3
Xen Xen 4.3.4
Xen Xen 4.5.0
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.2
Xen Xen 4.4.1
Xen Xen 4.2.5
Xen Xen 4.3.0
Suse Suse Linux Enterprise Server 11.0
Suse Suse Linux Enterprise Software Development Kit 11.0
Suse Suse Linux Enterprise Desktop 11.0
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3