Skip to main content

Xenserver

42 CVEs product

Monthly

CVE-2024-5661 MEDIUM This Month

An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Citrix Xenserver Hypervisor
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2018-19965 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the. Rated medium severity (CVSS 5.6).

Denial Of Service Canonical Xen Xenserver Debian Linux
NVD
CVSS 3.0
5.6
EPSS
0.4%
CVE-2018-19962 HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. Rated high severity (CVSS 7.8). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Amd Information Disclosure Xen Debian Linux Xenserver
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-19961 HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. Rated high severity (CVSS 7.8).

Amd Information Disclosure Xen Debian Linux Xenserver
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-14007 CRITICAL Act Now

Citrix XenServer 7.1 and newer allows Directory Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Path Traversal Xenserver
NVD
CVSS 3.0
9.8
EPSS
56.1%
CVE-2018-3665 MEDIUM This Month

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a. Rated medium severity (CVSS 5.6). No vendor patch available.

Intel Information Disclosure Core I3 Core I5 Core I7 +11
NVD
CVSS 3.1
5.6
EPSS
0.6%
CVE-2018-8897 HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux Race Condition Intel +12
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
18.7%
CVE-2017-12137 HIGH PATCH This Week

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Xen Xenserver Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2017-12136 HIGH PATCH This Week

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the. Rated high severity (CVSS 7.8).

Denial Of Service Race Condition Xen Xenserver Debian Linux
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-12135 HIGH PATCH This Week

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-12134 HIGH PATCH This Week

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2015-7705 CRITICAL Emergency

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Information Disclosure Ntp Oncommand Performance Manager Oncommand Unified Manager Clustered Data Ontap +4
NVD
CVSS 3.1
9.8
EPSS
31.0%
CVE-2015-7704 HIGH Act Now

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.9% and no vendor patch available.

Denial Of Service Ntp Debian Linux Oncommand Performance Manager Oncommand Unified Manager +10
NVD
CVSS 3.1
7.5
EPSS
13.9%
CVE-2016-9637 HIGH This Week

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Xenserver
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-5573 MEDIUM This Month

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Xenserver
NVD VulDB
CVSS 3.0
4.9
EPSS
0.4%
CVE-2017-5572 MEDIUM This Month

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Privilege Escalation Xenserver
NVD VulDB
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-10025 MEDIUM PATCH This Month

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Amd Xen Xenserver
NVD VulDB
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-10024 MEDIUM PATCH This Month

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2016-9386 HIGH PATCH This Week

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xenserver Xen
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9385 MEDIUM PATCH This Month

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Canonical Xen Xenserver
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2016-9383 HIGH PATCH This Week

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service RCE Xen Xenserver
NVD VulDB
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-9382 HIGH PATCH This Week

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Xen Xenserver
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9381 HIGH This Week

Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Race Condition Information Disclosure Qemu Xenserver
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2016-9380 HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in. Rated high severity (CVSS 7.5).

Information Disclosure Xen Xenserver
NVD VulDB
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-9379 HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Information Disclosure Xen Xenserver
NVD VulDB
CVSS 3.0
7.9
EPSS
0.1%
CVE-2016-6259 MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Xen Xenserver
NVD
CVSS 3.0
6.2
EPSS
0.3%
CVE-2016-6258 HIGH PATCH This Week

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Authentication Bypass Xen Xenserver
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-5302 CRITICAL Act Now

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Xenserver
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2016-3712 MEDIUM PATCH This Month

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Vm Server Qemu +9
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-3710 HIGH PATCH This Week

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Debian Linux Helion Openstack Ubuntu Linux +12
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2015-8555 HIGH PATCH This Week

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xenserver Xen
NVD
CVSS 3.0
8.6
EPSS
0.6%
CVE-2016-1571 MEDIUM This Month

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Canonical Denial Of Service Xenserver Xen
NVD
CVSS 3.0
6.3
EPSS
0.3%
CVE-2015-4106 MEDIUM This Month

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Qemu Debian Linux Fedora +5
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-4948 MEDIUM This Month

Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Xenserver
NVD
CVSS 2.0
6.4
EPSS
0.5%
CVE-2014-4947 CRITICAL Act Now

Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Buffer Overflow Xenserver
NVD
CVSS 2.0
10.0
EPSS
0.7%
CVE-2012-5512 LOW PATCH Monitor

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity.

Denial Of Service Xenserver
NVD
CVSS 2.0
3.2
EPSS
0.1%
CVE-2012-3516 MEDIUM PATCH This Month

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and. Rated medium severity (CVSS 6.9).

Privilege Escalation Denial Of Service Citrix Xenserver Xen
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2012-3498 MEDIUM This Month

PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Citrix Denial Of Service Xenserver Xen
NVD
CVSS 2.0
5.6
EPSS
0.1%
CVE-2012-3496 MEDIUM PATCH This Month

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG. Rated medium severity (CVSS 4.7).

Citrix Denial Of Service Xenserver Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-3495 MEDIUM This Month

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Citrix Denial Of Service Xenserver Xen
NVD
CVSS 2.0
6.1
EPSS
0.1%
CVE-2012-3494 LOW PATCH Monitor

The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Citrix Xenserver Xen
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-0217 HIGH POC THREAT Act Now

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 88.0%.

Citrix Intel Buffer Overflow Oracle Canonical +12
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
88.0%
Threat
5.6
EPSS 0% CVSS 6.0
MEDIUM This Month

An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Citrix Xenserver +1
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the. Rated medium severity (CVSS 5.6).

Denial Of Service Canonical Xen +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. Rated high severity (CVSS 7.8). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Amd Information Disclosure Xen +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. Rated high severity (CVSS 7.8).

Amd Information Disclosure Xen +2
NVD
EPSS 56% CVSS 9.8
CRITICAL Act Now

Citrix XenServer 7.1 and newer allows Directory Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Path Traversal Xenserver
NVD
EPSS 1% CVSS 5.6
MEDIUM This Month

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a. Rated medium severity (CVSS 5.6). No vendor patch available.

Intel Information Disclosure Core I3 +13
NVD
EPSS 19% CVSS 7.8
HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux +14
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Xen Xenserver +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the. Rated high severity (CVSS 7.8).

Denial Of Service Race Condition Xen +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD
EPSS 31% CVSS 9.8
CRITICAL Emergency

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Information Disclosure Ntp Oncommand Performance Manager +6
NVD
EPSS 14% CVSS 7.5
HIGH Act Now

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.9% and no vendor patch available.

Denial Of Service Ntp Debian Linux +12
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Xenserver
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Xenserver
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Privilege Escalation Xenserver
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Amd +2
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xenserver Xen
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Canonical Xen +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service RCE Xen +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Xen +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Race Condition Information Disclosure Qemu +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in. Rated high severity (CVSS 7.5).

Information Disclosure Xen Xenserver
NVD VulDB
EPSS 0% CVSS 7.9
HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Information Disclosure Xen Xenserver
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Xen Xenserver
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Authentication Bypass Xen Xenserver
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Xenserver
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow +11
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Debian Linux +14
NVD
EPSS 1% CVSS 8.6
HIGH PATCH This Week

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xenserver Xen
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Canonical Denial Of Service Xenserver +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Qemu +7
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Xenserver
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Buffer Overflow Xenserver
NVD
EPSS 0% CVSS 3.2
LOW PATCH Monitor

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity.

Denial Of Service Xenserver
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and. Rated medium severity (CVSS 6.9).

Privilege Escalation Denial Of Service Citrix +2
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Citrix Denial Of Service Xenserver +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG. Rated medium severity (CVSS 4.7).

Citrix Denial Of Service Xenserver +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Citrix Denial Of Service Xenserver +1
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Citrix +2
NVD
EPSS 88% 5.6 CVSS 7.2
HIGH POC THREAT Act Now

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 88.0%.

Citrix Intel Buffer Overflow +14
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy