Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenserver vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-15588
An issue exists in Xen up to and including 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
Xen Xen 4.9.0
8.8
CVSSv3
CVE-2017-15592
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
Xen Xen
6.5
CVSSv3
CVE-2017-15589
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
Xen Xen 4.9.0
6.5
CVSSv3
CVE-2017-15593
An issue exists in Xen up to and including 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
Xen Xen
8.8
CVSSv3
CVE-2017-15590
An issue exists in Xen up to and including 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
Xen Xen 4.9.0
8.8
CVSSv3
CVE-2017-15595
An issue exists in Xen up to and including 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
Xen Xen
1 EDB exploit
8.8
CVSSv3
CVE-2017-14319
A grant unmapping issue exists in Xen up to and including 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, ...
Xen Xen
8.8
CVSSv3
CVE-2017-14316
A parameter verification issue exists in Xen up to and including 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While...
Xen Xen
6.5
CVSSv3
CVE-2017-14318
An issue exists in Xen 4.5.x up to and including 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table i...
Xen Xen 4.5.0
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.8.0
Xen Xen 4.8.1
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.0
Xen Xen 4.7.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.9.0
8.8
CVSSv3
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Citrix Xenserver 6.2.0
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »