Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xen vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-15589
An issue exists in Xen up to and including 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory.
Xen Xen 4.9.0
8.8
CVSSv3
CVE-2017-15590
An issue exists in Xen up to and including 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
Xen Xen 4.9.0
6.5
CVSSv3
CVE-2020-25597
An issue exists in Xen up to and including 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life...
Xen Xen
Fedoraproject Fedora 31
7.2
CVSSv3
CVE-2019-19577
An issue exists in Xen up to and including 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamica...
Xen Xen
Fedoraproject Fedora 31
6.6
CVSSv3
CVE-2019-19580
An issue exists in Xen up to and including 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in ...
Xen Xen
Fedoraproject Fedora 31
5.5
CVSSv3
CVE-2020-11740
An issue exists in xenoprof in Xen up to and including 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. ...
Xen Xen 4.13.0
Xen Xen
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2020-11741
An issue exists in xenoprof in Xen up to and including 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled...
Xen Xen
Xen Xen 4.13.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2018-7540
An issue exists in Xen up to and including 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
Xen Xen
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-7541
An issue exists in Xen up to and including 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
Xen Xen
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-19967
An issue exists in Xen up to and including 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.
Xen Xen
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »