Vulmon
xenserver vulnerabilities and exploits
4.6
CVSSv2
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Xen Xen
Citrix Xenserver 7.1
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
Citrix Xenserver 7.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.2
CVSSv2
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Citrix Xenserver 6.2.0
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
6.9
CVSSv2
CVE-2017-12136
Race condition in the grant table code in Xen 4.6.x up to and including 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
Xen Xen 4.9.0
Xen Xen 4.6.0
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.7.0
Xen Xen 4.6.3
Xen Xen 4.7.1
Xen Xen 4.7.3
Xen Xen 4.8.1
Xen Xen 4.6.1
Xen Xen 4.7.2
Xen Xen 4.8.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.2
CVSSv2
CVE-2017-12137
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
Xen Xen
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 7.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2017-12855
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances...
Xen Xen 4.8.0
Xen Xen 4.7.0
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.1
Xen Xen 4.6.6
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.5.0
Xen Xen 4.9.0
Xen Xen 4.8.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
7.5
CVSSv2
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
4.6
CVSSv2
CVE-2017-7980
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and previous versions allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation...
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 17.04
Debian Debian Linux 8.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 5.0
Redhat Virtualization 3.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
10
CVSSv2
CVE-2017-10912
Xen up to and including 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
Xen Xen
6.8
CVSSv2
CVE-2017-10914
The grant-table feature in Xen up to and including 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
Xen Xen
9.4
CVSSv2
CVE-2017-10917
Xen up to and including 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Xen Xen