Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenserver vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Xen Xen
Citrix Xenserver 7.1
Citrix Xenserver 7.2
Citrix Xenserver 6.0.2
Citrix Xenserver 7.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.6
CVSSv2
CVE-2017-7980
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and previous versions allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation...
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 17.04
Debian Debian Linux 8.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 5.0
Redhat Virtualization 3.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
4.6
CVSSv2
CVE-2016-10013
Xen up to and including 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
Xen Xen
4.6
CVSSv2
CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact vi...
Qemu Qemu
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Software Development Kit 12
Citrix Xenserver 6.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.1.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
4.6
CVSSv2
CVE-2010-0633
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and previous versions, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.
Citrix Xenserver
Citrix Xenserver 5.5
4.3
CVSSv2
CVE-2009-3757
Multiple cross-site scripting (XSS) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter to config/edituser.php; (2) location, (3) sessionid, and (4) ...
Citrix Xencenterweb
1 EDB exploit
4.3
CVSSv2
CVE-2008-3253
Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote...
Citrix Xenserver 4.1.0
4
CVSSv2
CVE-2017-5573
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
3.2
CVSSv2
CVE-2012-5512
Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.
Citrix Xenserver 4.1.0
2.1
CVSSv2
CVE-2021-28688
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of clean...
Linux Linux Kernel
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »