Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.0 vulnerabilities and exploits
(subscribe to this query)
498
VMScore
CVE-2012-3498
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and previous versions allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.
Xen Xen 4.1.0
Xen Xen 4.2.0
Citrix Xenserver
490
VMScore
CVE-2014-3967
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Xen Xen 4.2.3
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.4.0
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Xen Xen 4.3.0
Xen Xen 4.3.1
490
VMScore
CVE-2014-3968
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.2.0
Xen Xen 4.2.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Xen Xen 4.4.0
481
VMScore
CVE-2014-8594
The do_mmu_update function in arch/x86/mm.c in Xen 4.x up to and including 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM gues...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 7.0
Xen Xen 4.0.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.2.1
463
VMScore
CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.1
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.1.0
463
VMScore
CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x up to and including 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.0.0
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.2.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 3.4.4
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.0.3
463
VMScore
CVE-2013-4416
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
463
VMScore
CVE-2013-2077
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors.
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.1.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
437
VMScore
CVE-2015-2150
Xen 3.3.x up to and including 4.5.x and the Linux kernel up to and including 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or...
Ubuntu Ubuntu 12.04
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.4.1
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 3.3.1
Xen Xen 3.4.2
436
VMScore
CVE-2022-0617
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
Linux Linux Kernel 4.2.0
Linux Linux Kernel 4.2
Linux Linux Kernel 5.17
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »