Lucene search
K

862 matches found

OSV
OSV
added 6 days ago3 views

ALPINE-CVE-2026-42486

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-42486 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42604

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-23560 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
CVE
CVE
added 6 days ago27 views

CVE-2026-23560

Summary: The CVE-2026-23560 issue is described in multiple sources as a RBAC-related vulnerability in XAPI for XenServer/XCP-ng where a vm-admin can modify VM.other-config:is_system_domain to mark a VM as a system domain. This can cause system domains to be ignored or hidden during certain host/p...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42603

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-23559 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.00134EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42602

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score0.00134EPSS
Exploits0References1
CVE
CVE
added 6 days ago21 views

CVE-2026-23559

CVE-2026-23559 (and related RBAC issues 23560–23562, 42486) affect XAPI in XenServer/XCP-ng where a vm-admin can abuse RBAC to gain higher privileges, including arbitrary read/modify of dom0 files via VBD.other_config, alter system-domain status, disrupt PBD/storage-domain mappings, and potential...

9.4CVSS7.3AI score0.00134EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2026:2613-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2613-1 advisory. This update for xen fixes the following issues - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. - CVE-2026-42487:...

8.1CVSS5.9AI score0.00353EPSS
Exploits0References15
CVE
CVE
added 2026/06/18 1:46 p.m.52 views

CVE-2026-42487

CVE-2026-42487 concerns the Xen hypervisor’s handling of x86 HVM I/O port list traversal. The root cause stated in the sources is that traversal of the linked list used for guest I/O port accesses requires synchronization with updates to the translation/mapping (XEN_DOMCTL_ioport_mapping), but th...

7.9CVSS5.2AI score0.00095EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 7:39 a.m.7 views

SUSE-SU-2026:2328-1 Security update for xen

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References8
OSV
OSV
added 2026/06/05 10:43 a.m.8 views

MINI-4V25-HVM2-HP78

Bulletin has no description...

7.5CVSS5.1AI score0.00159EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-27499

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Xen privcmd driver allows user space processes to issue arbitrary hypercalls. Normally, access is limited to root and the hypervisor denies hypercalls affecting other domains. Howeve...

8.2CVSS6AI score0.00154EPSS
Exploits0References294
Xen Project
Xen Project
added 2025/10/24 12:14 p.m.12 views

Incorrect removal of permissions on PCI device unplug

ISSUE DESCRIPTION When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the...

7.5CVSS6.8AI score0.00396EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-10191

Malware in sbrugna...

7.5CVSS8AI score0.00295EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7754

Malware in sbrugna...

6.8CVSS6.9AI score0.00279EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-7552

Malware in sbrugna...

8.8CVSS8.6AI score0.00364EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26642

Malware in sbrugna...

5.5CVSS5.3AI score0.00417EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-2166

Malware in sbrugna...

5.7CVSS6AI score0.00621EPSS
Exploits0References8
Rows per page
Query Builder