Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xen vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-29040
An issue exists in Xen up to and including 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671.
Xen Xen
6.9
CVSSv2
CVE-2017-17563
An issue exists in Xen up to and including 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
Xen Xen
6.9
CVSSv2
CVE-2017-17564
An issue exists in Xen up to and including 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
Xen Xen
5.6
CVSSv2
CVE-2021-28692
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead,...
Xen Xen
4.9
CVSSv2
CVE-2017-15593
An issue exists in Xen up to and including 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
Xen Xen
4.6
CVSSv2
CVE-2017-15594
An issue exists in Xen up to and including 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
Xen Xen
7.2
CVSSv2
CVE-2017-7228
An issue (known as XSA-212) exists in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input...
Xen Xen -
1 EDB exploit
1.5
CVSSv2
CVE-2016-7094
Buffer overflow in Xen 4.7.x and previous versions allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
Xen Xen
1 Article
10
CVSSv2
CVE-2017-10912
Xen up to and including 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
Xen Xen
6.8
CVSSv2
CVE-2017-10915
The shadow-paging feature in Xen up to and including 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
Xen Xen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »