Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xen vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2021-3308
An issue exists in Xen 4.12.3 up to and including 4.12.4 and 4.13.1 up to and including 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. S...
Xen Xen 4.12.4
Xen Xen 4.12.3
Xen Xen
Fedoraproject Fedora 32
641
VMScore
CVE-2017-8903
Xen up to and including 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
605
VMScore
CVE-2017-8904
Xen up to and including 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
641
VMScore
CVE-2017-15592
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
Xen Xen
187
VMScore
CVE-2020-11742
An issue exists in Xen up to and including 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135...
Xen Xen
Xen Xen 4.13.0
Fedoraproject Fedora 32
187
VMScore
CVE-2020-11743
An issue exists in Xen up to and including 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause ...
Xen Xen
Xen Xen 4.13.0
Fedoraproject Fedora 32
614
VMScore
CVE-2021-28705
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them t...
Xen Xen 4.15.0
Xen Xen 4.15.1
Xen Xen
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
418
VMScore
CVE-2016-1571
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x up to and including 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID...
Citrix Xenserver
Xen Xen 3.4.1
Xen Xen 3.4.0
Xen Xen 4.5.0
Xen Xen 4.4.3
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.4
Xen Xen 3.4.3
Xen Xen 3.4.2
Xen Xen 4.5.2
Xen Xen 4.5.1
Xen Xen 4.3.4
Xen Xen 4.2.3
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.2
134
VMScore
CVE-2016-7094
Buffer overflow in Xen 4.7.x and previous versions allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
Xen Xen
1 Article
436
VMScore
CVE-2018-15468
An issue exists in Xen up to and including 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitab...
Xen Xen
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »