Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-3385

Malware in sbrugna...

2.9CVSS8.2AI score0.00793EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.5 views

SUSE CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS6.3AI score0.00399EPSS
Exploits0References8
OSV
OSV
added 2015/05/12 9:54 p.m.10 views

SUSE-SU-2015:0923-1 Security update for xen

XEN was updated to fix two security issues and bugs. Security issues fixed: CVE-2015-3340: Xen did not initialize certain fields, which allowed certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

7.7CVSS9.1AI score0.15275EPSS
Exploits1References9
OSV
OSV
added 2015/04/28 2:59 p.m.7 views

CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

9AI score
Exploits0References12
Prion
Prion
added 2015/04/28 2:59 p.m.24 views

Cross site request forgery (csrf)

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

2.9CVSS6.4AI score0.00793EPSS
Exploits0References11Affected Software9
UbuntuCve
UbuntuCve
added 2015/04/28 2:59 p.m.23 views

CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

2.9CVSS7.2AI score0.00793EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/04/28 2:0 p.m.21 views

CVE-2015-3340

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a 1 XENDOMCTLgettscinfo or 2 XENSYSCTLgetdomaininfolist request...

6.5AI score0.00793EPSS
Exploits0References11
Xen Project
Xen Project
added 2015/04/20 5:10 p.m.67 views

Information leak through XEN_DOMCTL_gettscinfo

ISSUE DESCRIPTION The handler for XENDOMCTLgettscinfo failed to initialize a padding field subsequently copied to guest memory. A similar bug existed in XENSYSCTLgetdomaininfolist, which is addressed by the patches provided here even though that operation was declared by XSA-77 not to provide...

2.9CVSS9AI score0.00793EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2014/11/18 12:0 p.m.55 views

Insufficient restrictions on certain MMU update hypercalls

ISSUE DESCRIPTION MMU update operations targeting page tables are intended to be used on PV guests only. The lack of a respective check made it possible for such operations to access certain function pointers which remain NULL when the target guest is using Hardware Assisted Paging HAP. IMPACT...

5.4CVSS9AI score0.02221EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2014/06/03 12:0 p.m.70 views

Vulnerabilities in HVM MSI injection

ISSUE DESCRIPTION The implementation of the HVM control operation HVMOPinjectmsi, while checking whether a particular IRQ was already set up in the necessary way, fails to properly check all respective conditions. In particular it doesn't check the returned pointer for being non-NULL before de-...

5.5CVSS6.4AI score0.00719EPSS
Exploits0Affected Software1
NVD
NVD
added 2014/03/28 3:55 p.m.24 views

CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS6.1AI score0.00399EPSS
Exploits0References8
OSV
OSV
added 2014/03/28 3:55 p.m.1 views

DEBIAN-CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS6.2AI score0.00399EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2014/03/28 3:55 p.m.3 views

CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS5.5AI score0.00399EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2014/03/28 3:55 p.m.22 views

CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS5.9AI score0.00399EPSS
Exploits0References5
Cvelist
Cvelist
added 2014/03/28 3:0 p.m.26 views

CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

5.9AI score0.00399EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2014/03/28 3:0 p.m.38 views

CVE-2014-2599

The HVMOPsetmemaccess HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service CPU consumption by leveraging access to certain service domains for HVM guests and a large input...

4.9CVSS4.7AI score0.00399EPSS
Exploits0
Rows per page
Query Builder