Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.1.1 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
4.6
CVSSv2
CVE-2011-3131
Xen 4.1.1 and previous versions allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.
Xen Xen
4.4
CVSSv2
CVE-2013-1920
Xen 4.2.x, 4.1.x, and previous versions, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free ...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.1
Xen Xen 3.2.3
Xen Xen 3.1.3
Xen Xen 3.0.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.2.2
Xen Xen 3.1.4
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 3.2.0
Xen Xen 3.0.4
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.4.4
Xen Xen 3.4.1
4.3
CVSSv2
CVE-2013-2076
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which c...
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
4.3
CVSSv2
CVE-2013-0215
oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service (daemon crash and host-control outage, or memory consumption) or obtain sensitive contro...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.0
Xen Xen 4.2.1
3.6
CVSSv2
CVE-2015-7311
libxl in Xen 4.1.x up to and including 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.2
Xen Xen 4.3.3
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.1
3.3
CVSSv2
CVE-2014-7156
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x up to and including 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) v...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.1
Xen Xen 3.3.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
2.7
CVSSv2
CVE-2012-2625
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image.
Xen Xen 4.2.0
Xen Xen-unstable
Xen Xen 4.1.0
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.3
2.1
CVSSv2
CVE-2015-7972
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x up to and including 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM g...
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
2.1
CVSSv2
CVE-2015-7971
Xen 3.2.x up to and including 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properl...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »