Vulmon
xen xen 4.0.1 vulnerabilities and exploits
CVE-2012-5510 (CVSSv2: 4.7)
Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.1
Xen Xen 4.0.0
CVE-2012-5514 (CVSSv2: 4.7)
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and previous versions does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
Xen Xen
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.4
Xen Xen 3.0.3
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.0
Xen Xen 3.4.3
Xen Xen 3.3.2
Xen Xen 3.2.3
Xen Xen 3.0.2
Xen Xen 4.1.3
CVE-2012-5515 (CVSSv2: 4.7)
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and previous versions allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 3.2.2
Xen Xen 3.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.0
Xen Xen 3.1.3
Xen Xen 3.0.4
Xen Xen
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.0
CVE-2012-3496 (CVSSv2: 4.7)
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_de...
Xen Xen 4.0.0
Xen Xen 4.1.0
Xen Xen 4.2.0
Citrix Xenserver
CVE-2011-3131 (CVSSv2: 4.6)
Xen 4.1.1 and previous versions allow local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.
Xen Xen
CVE-2012-4411 (CVSSv2: 4.6)
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
Xen Xen 4.0.0
Xen Xen 4.2.0
Xen Xen 4.1.0
CVE-2013-1920 (CVSSv2: 4.4)
Xen 4.2.x, 4.1.x, and previous versions, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free ...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.1
Xen Xen 3.2.3
Xen Xen 3.1.3
Xen Xen 3.0.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.2.2
Xen Xen 3.1.4
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 3.2.0
Xen Xen 3.0.4
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.4.4
Xen Xen 3.4.1
CVE-2013-2076 (CVSSv2: 4.3)
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which c...
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
CVE-2015-7972 (CVSSv2: 2.1)
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x up to and including 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM g...
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
CVE-2015-7971 (CVSSv2: 2.1)
Xen 3.2.x up to and including 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properl...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3