Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.4.0 vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2015-2752
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x up to and including 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm)...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Xen Xen 4.3.2
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.4.0
436
VMScore
CVE-2015-2756
QEMU, as used in Xen 3.3.x up to and including 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen 4.3.2
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.4.0
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
436
VMScore
CVE-2014-6268
The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU.
Xen Xen 4.4.0
Xen Xen 4.4.1
436
VMScore
CVE-2014-8867
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and previous versions lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspeci...
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Desktop 5.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen
Xen Xen 4.4.1
Xen Xen 4.4.0
Debian Debian Linux 7.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
436
VMScore
CVE-2014-1896
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."...
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.4.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.2.1
436
VMScore
CVE-2014-2599
The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x up to and including 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.
Xen Xen 4.3.2
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.4.0
418
VMScore
CVE-2016-5242
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them,...
Xen Xen 4.6.0
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 4.4.4
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.5.1
Xen Xen 4.4.1
Xen Xen 4.5.0
418
VMScore
CVE-2016-1571
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x up to and including 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID...
Citrix Xenserver
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.4.3
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.1.6
Xen Xen 4.2.5
418
VMScore
CVE-2015-8340
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handli...
Xen Xen 3.2.0
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 3.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.1.1
Xen Xen 4.2.0
418
VMScore
CVE-2015-8339
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Xen Xen 3.2.0
Xen Xen 4.3.2
Xen Xen 4.6.0
Xen Xen 4.1.5
Xen Xen 3.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 4.5.2
Xen Xen 4.4.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.3
Xen Xen 4.1.1
Xen Xen 4.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »