Lucene search
K

56 matches found

NVD
NVD
added 2026/02/18 9:16 p.m.10 views

CVE-2026-0665

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

6.5CVSS0.00143EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.15 views

PT-2026-4318

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description An error in QEMU’s KVM Xen guest support allows a malicious guest to cause out-of-bounds heap accesses within the QEMU process. This is triggered through the emulated Xen physdev hypercall...

6.5CVSS5.5AI score0.00165EPSS
Exploits0References58
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-4257

Malware in sbrugna...

2.7CVSS8.5AI score0.00585EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-5173

Malware in sbrugna...

7.2CVSS8.5AI score0.00426EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-3470

Malware in sbrugna...

7.2CVSS8.2AI score0.00528EPSS
Exploits0References53
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-12892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an...

9.9CVSS6.9AI score0.02554EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4375

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service domain grant reference consumption via unspecified vectors...

2.7CVSS6.3AI score0.00585EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.6 views

SUSE CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...

4.9CVSS6.5AI score0.0045EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.9 views

SUSE CVE-2015-7311

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image...

3.6CVSS6.5AI score0.00417EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9381

Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability...

7.5CVSS9AI score0.00295EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.7 views

SUSE CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

5.5CVSS6.7AI score0.02554EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2015:1384-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.13288EPSS
Exploits0References5
NVD
NVD
added 2018/07/02 5:29 p.m.20 views

CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS9.3AI score0.02554EPSS
Exploits0References6
Prion
Prion
added 2018/07/02 5:29 p.m.23 views

Design/Logic Flaw

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

6.5CVSS9.1AI score0.02554EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2018/07/02 5:29 p.m.6 views

UBUNTU-CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS7.1AI score0.02554EPSS
Exploits0References3
OSV
OSV
added 2018/07/02 5:29 p.m.3 views

DEBIAN-CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS9AI score0.02554EPSS
Exploits0References1
OSV
OSV
added 2018/07/02 5:29 p.m.5 views

ALPINE-CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS6.7AI score0.02554EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/02 5:0 p.m.31 views

CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

6.4AI score0.02554EPSS
Exploits0References6
Xen Project
Xen Project
added 2018/06/27 9:0 p.m.541 views

libxl fails to honour readonly flag on HVM emulated SCSI disks

ISSUE DESCRIPTION libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. IMPACT Malicious guest administrators or in some situations users may be able to write to supposedly read-only disk images. VULNERABLE...

9.9CVSS1.1AI score0.02554EPSS
Exploits0
Xen Project
Xen Project
added 2018/04/25 12:0 p.m.559 views

Information leak via crafted user-supplied CDROM

ISSUE DESCRIPTION QEMU handles many different file formats for virtual disks e.g., raw, qcow2, vhd, &c. Some of these formats are "snapshots" that specify "patches" to an alternate disk image, whose filename is included in the snapshot file. When qemu is given a disk but the type is not specified...

5.6CVSS1.6AI score0.00373EPSS
Exploits0
Rows per page
Query Builder