Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xen vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2021-3308
An issue exists in Xen 4.12.3 up to and including 4.12.4 and 4.13.1 up to and including 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. S...
Xen Xen 4.12.4
Xen Xen 4.12.3
Xen Xen
Fedoraproject Fedora 32
7.2
CVSSv2
CVE-2017-8903
Xen up to and including 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
6.8
CVSSv2
CVE-2017-8904
Xen up to and including 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
7.2
CVSSv2
CVE-2017-15592
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
Xen Xen
2.1
CVSSv2
CVE-2020-11742
An issue exists in Xen up to and including 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135...
Xen Xen
Xen Xen 4.13.0
Fedoraproject Fedora 32
2.1
CVSSv2
CVE-2020-11743
An issue exists in Xen up to and including 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause ...
Xen Xen
Xen Xen 4.13.0
Fedoraproject Fedora 32
6.9
CVSSv2
CVE-2021-28705
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them t...
Xen Xen 4.15.0
Xen Xen 4.15.1
Xen Xen
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
4.7
CVSSv2
CVE-2016-1571
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x up to and including 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID...
Citrix Xenserver
Xen Xen 3.4.1
Xen Xen 3.4.0
Xen Xen 4.5.0
Xen Xen 4.4.3
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.4
Xen Xen 3.4.3
Xen Xen 3.4.2
Xen Xen 4.5.2
Xen Xen 4.5.1
Xen Xen 4.3.4
Xen Xen 4.2.3
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.2
1.5
CVSSv2
CVE-2016-7094
Buffer overflow in Xen 4.7.x and previous versions allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
Xen Xen
1 Article
4.9
CVSSv2
CVE-2018-15468
An issue exists in Xen up to and including 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitab...
Xen Xen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »