Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.5.3 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2016-3955
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel prior to 4.5.3 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Debian Debian Linux 8.0
1 Github repository
605
VMScore
CVE-2016-4962
The libxl device-handling in Xen 4.6.x and previous versions allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Xen Xen 4.4.4
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.4.0
Xen Xen 4.4.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.6.1
Xen Xen 4.6.0
Xen Xen 4.4.2
Xen Xen 4.4.1
Xen Xen 4.3.0
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.4
Xen Xen 4.3.3
445
VMScore
CVE-2017-10916
The vCPU context-switch implementation in Xen up to and including 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.8.1
Xen Xen 4.5.0
Xen Xen 4.6.2
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.7.1
Xen Xen 4.8.0
445
VMScore
CVE-2015-8555
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and previous versions do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vect...
Citrix Xenserver 6.0
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.6.0
Xen Xen 4.3.4
Xen Xen 4.3.3
Xen Xen 4.4.1
Xen Xen 4.4.0
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.3.0
Xen Xen 4.4.4
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.6.1
436
VMScore
CVE-2017-15596
An issue exists in Xen 4.4.x up to and including 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.4.4
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.0
Xen Xen 4.7.0
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.8.0
Xen Xen 4.9.0
Xen Xen 4.4.2
Xen Xen 4.5.5
Xen Xen 4.6.2
Xen Xen 4.6.3
Xen Xen 4.8.2
Xen Xen 4.4.3
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.7.1
436
VMScore
CVE-2017-15591
An issue exists in Xen 4.5.x up to and including 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
Xen Xen 4.6.1
Xen Xen 4.6.3
Xen Xen 4.7.3
Xen Xen 4.8.0
Xen Xen 4.5.2
Xen Xen 4.5.3
Xen Xen 4.6.6
Xen Xen 4.7.0
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.8.1
Xen Xen 4.9.0
Xen Xen 4.5.5
Xen Xen 4.6.0
Xen Xen 4.7.1
Xen Xen 4.7.2
436
VMScore
CVE-2017-14431
Memory leak in Xen 3.3 up to and including 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207.
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.4.2
Xen Xen 4.5.5
Xen Xen 4.6.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6
Xen Xen 4.1.6.1
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.3
436
VMScore
CVE-2017-14318
An issue exists in Xen 4.5.x up to and including 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table i...
Xen Xen 4.5.0
Xen Xen 4.6.3
Xen Xen 4.6.4
Xen Xen 4.8.0
Xen Xen 4.8.1
Xen Xen 4.6.0
Xen Xen 4.6.1
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.5.3
Xen Xen 4.5.5
Xen Xen 4.7.0
Xen Xen 4.7.1
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.9.0
436
VMScore
CVE-2016-6259
Xen 4.5.x up to and including 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Xen Xen 4.7.0
Xen Xen 4.6.3
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.6.1
Xen Xen 4.5.3
Xen Xen 4.6.0
Xen Xen 4.5.2
Citrix Xenserver 6.2.0
Citrix Xenserver 7.0
Citrix Xenserver 6.5.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.1
418
VMScore
CVE-2016-5242
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them,...
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.4.0
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.4.4
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.6.1
Xen Xen 4.6.0
Xen Xen 4.4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »