Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xenserver vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-10920
The grant-table feature in Xen up to and including 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain p...
Xen Xen
5
CVSSv2
CVE-2017-10922
The grant-table feature in Xen up to and including 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
Xen Xen
2.1
CVSSv2
CVE-2017-12855
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances...
Xen Xen 4.8.0
Xen Xen 4.7.0
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.1
Xen Xen 4.6.6
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.5.0
Xen Xen 4.9.0
Xen Xen 4.8.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
6.9
CVSSv2
CVE-2017-17566
An issue exists in Xen up to and including 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
Xen Xen
10
CVSSv2
CVE-2017-10912
Xen up to and including 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
Xen Xen
7.5
CVSSv2
CVE-2017-10913
The grant-table feature in Xen up to and including 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend malicious users to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
Xen Xen
6.8
CVSSv2
CVE-2017-10914
The grant-table feature in Xen up to and including 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
Xen Xen
6.8
CVSSv2
CVE-2017-10915
The shadow-paging feature in Xen up to and including 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
Xen Xen
9.4
CVSSv2
CVE-2017-10917
Xen up to and including 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Xen Xen
2.1
CVSSv2
CVE-2017-15589
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
Xen Xen 4.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »