Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.0.0 vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2011-1583
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompre...
Citrix Xen 3.2.0
Citrix Xen 3.3.0
Citrix Xen 4.0.0
Citrix Xen 4.1.0
7.4
CVSSv2
CVE-2011-1898
Xen 4.1 prior to 4.1.1 and 4.0 prior to 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers.&q...
Citrix Xen 4.0.0
Citrix Xen 4.0.1
Citrix Xen 4.1.0
1.2
CVSSv2
CVE-2013-1442
Xen 4.0 up to and including 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows loca...
Xen Xen 4.0.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.2.1
Xen Xen 4.2.2
7.4
CVSSv2
CVE-2013-2072
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges vi...
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Debian Debian Linux 7.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.0.0
Xen Xen 4.0.1
5.5
CVSSv2
CVE-2011-1166
Xen, possibly prior to 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
Xen Xen 3.1.4
Xen Xen 3.2.1
Xen Xen 3.3.2
Xen Xen 3.4.1
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.2
Xen Xen 3.0.3
Xen Xen 3.0.4
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen
Xen Xen 3.1.3
Xen Xen 3.2.0
Xen Xen 3.4.0
Xen Xen 3.4.2
4.9
CVSSv2
CVE-2010-2070
arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploit...
Xensource Xen 4.0.0
Xensource Xen 3.4.0
5.2
CVSSv2
CVE-2014-1892
Xen 3.3 up to and including 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894.
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
2.1
CVSSv2
CVE-2015-1563
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.
Xen Xen 4.4.1
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.5
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.4.0
Xen Xen 4.0.0
Xen Xen 4.0.2
Xen Xen 4.1.2
Xen Xen 4.1.4
Xen Xen 4.1.6.1
Xen Xen 4.3.0
Fedoraproject Fedora 21
5.2
CVSSv2
CVE-2014-1893
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a diffe...
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
5.2
CVSSv2
CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x up to and including 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.0.0
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.2.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 3.4.4
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »