Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xenserver vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2017-15593
An issue exists in Xen up to and including 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
Xen Xen
4.6
CVSSv2
CVE-2017-15594
An issue exists in Xen up to and including 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
Xen Xen
7.2
CVSSv2
CVE-2017-8903
Xen up to and including 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
6.8
CVSSv2
CVE-2017-8904
Xen up to and including 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
Xen Xen 4.8.1
Xen Xen 4.8.0
1 Github repository
7.2
CVSSv2
CVE-2017-14316
A parameter verification issue exists in Xen up to and including 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While...
Xen Xen
4.9
CVSSv2
CVE-2017-14318
An issue exists in Xen 4.5.x up to and including 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table i...
Xen Xen 4.5.0
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.8.0
Xen Xen 4.8.1
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.0
Xen Xen 4.7.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.9.0
10
CVSSv2
CVE-2017-10912
Xen up to and including 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
Xen Xen
6.8
CVSSv2
CVE-2017-10914
The grant-table feature in Xen up to and including 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
Xen Xen
10
CVSSv2
CVE-2017-10921
The grant-table feature in Xen up to and including 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS a...
Xen Xen
7.5
CVSSv2
CVE-2017-10913
The grant-table feature in Xen up to and including 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend malicious users to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
Xen Xen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »