Skip to main content
CVE-2012-5525 MEDIUM POC This Month

The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
6.9%
CVE-2012-5513 MEDIUM This Month

The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain. Rated medium severity (CVSS 6.9). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2012-3277 MEDIUM This Month

HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Openvms
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2012-5515 MEDIUM This Month

The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-5511 MEDIUM This Month

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-5510 MEDIUM This Month

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-6333 MEDIUM This Month

Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-5514 MEDIUM This Month

The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-5966 MEDIUM This Month

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation D-Link Dsl 2730U
NVD
CVSS 2.0
4.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy