CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

OSV•added 2018/05/10 10:29 p.m.•2 views

UBUNTU-CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service host OS infinite loop in situations where a QEMU device model attempts to make invalid transitions between states of a request...

6.5CVSS6.9AI score0.00442EPSS

Exploits0References4

OSV•added 2018/04/27 3:29 p.m.•1 views

UBUNTU-CVE-2018-10471

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service out-of-bounds zero write and hypervisor crash via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754...

6.5CVSS6.9AI score0.00425EPSS

Exploits0References3

OSV•added 2017/07/05 1:29 a.m.•4 views

UBUNTU-CVE-2017-10913

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...

9.8CVSS7.3AI score0.02838EPSS

Exploits0References3

OSV•added 2017/07/05 1:29 a.m.•2 views

UBUNTU-CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS6.9AI score0.01349EPSS

Exploits0References3

OSV•added 2017/02/22 4:59 p.m.•2 views

UBUNTU-CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

5.5CVSS6.8AI score0.00341EPSS

Exploits0References3

OSV•added 2015/12/17 12:0 a.m.•1 views

UBUNTU-CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...

6CVSS6.8AI score0.00451EPSS

Exploits0References11

OSV•added 2015/10/01 8:59 p.m.•1 views

UBUNTU-CVE-2015-7311

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image...

3.6CVSS7.2AI score0.00417EPSS

Exploits0References3

OSV•added 2015/06/03 12:0 a.m.•3 views

UBUNTU-CVE-2015-4103

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service host interrupt handling confusion via vectors related to qemu and accessing spanning multiple fields...

4.9CVSS7.2AI score0.0045EPSS

Exploits0References4

OSV•added 2015/06/03 12:0 a.m.•0 views

UBUNTU-CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

4.9CVSS7.2AI score0.00478EPSS

Exploits0References4

OSV•added 2014/05/02 2:55 p.m.•1 views

UBUNTU-CVE-2014-3125

Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTLEL1 register, which allows local guest users to modify the hardware timers and cause a denial of service crash via unspecified vectors...

6.2CVSS5.8AI score0.00629EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by