Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xenserver 7.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-5572
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can corrupt the host database.
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
4.9
CVSSv3
CVE-2017-5573
An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
8.8
CVSSv3
CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block ...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
6
CVSSv3
CVE-2016-10024
Xen up to and including 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
7.8
CVSSv3
CVE-2018-19962
An issue exists in Xen up to and including 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
Xen Xen
Debian Debian Linux 9.0
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
7.8
CVSSv3
CVE-2018-19961
An issue exists in Xen up to and including 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
Xen Xen
Debian Debian Linux 9.0
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
5.6
CVSSv3
CVE-2018-19965
An issue exists in Xen up to and including 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-575...
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.5
Citrix Xenserver 7.6
Citrix Xenserver 7.1
Debian Debian Linux 9.0
2 Github repositories
8.8
CVSSv3
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-12137
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
Xen Xen
Citrix Xenserver 7.0
Citrix Xenserver 7.1
Citrix Xenserver 6.5
Citrix Xenserver 6.0.2
Citrix Xenserver 7.2
Citrix Xenserver 6.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.2
CVSSv3
CVE-2016-6259
Xen 4.5.x up to and including 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Xen Xen 4.6.0
Xen Xen 4.7.0
Xen Xen 4.6.3
Xen Xen 4.5.2
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.5.1
Xen Xen 4.5.0
Citrix Xenserver 6.5.0
Citrix Xenserver 7.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.2.0
Citrix Xenserver 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XPath injection
cross-site request forgery
CVE-2024-53505
CVE-2024-53768
CVE-2024-53743
HTML injection
CVE-2024-49039
CVE-2024-53786
CVE-2014-2120
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »