Lucene search
K

36 matches found

NVD
NVD
added 7 hours ago4 views

CVE-2026-23561

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
NVD
NVD
added 7 hours ago4 views

CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
NVD
NVD
added 7 hours ago4 views

CVE-2026-23560

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
NVD
NVD
added 7 hours ago4 views

CVE-2026-23559

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
Cvelist
Cvelist
added 8 hours ago5 views

CVE-2026-42486 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-42608

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score
Exploits0References1
Cvelist
Cvelist
added 8 hours ago5 views

CVE-2026-23562 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
CVE
CVE
added 8 hours ago18 views

CVE-2026-23562

The CVE-2026-23562 entry concerns RBAC mis-configuration in XAPI. The advisory notes that the PCI passthrough configuration was normally restricted to pool-admin, but one API did not enforce this check, allowing a vm-admin to access unintended host hardware. This is described alongside related RB...

9.4CVSS7.2AI score
Exploits0References1
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-42607

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score
Exploits0References1
Cvelist
Cvelist
added 8 hours ago4 views

CVE-2026-23561 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
CVE
CVE
added 8 hours ago29 views

CVE-2026-23561

CVE-2026-23561 is part of a set of RBAC-related issues in XAPI (XenServer/XCP-ng) where certain administrator roles (vm-admin, etc.) can improperly modify RBAC-protected settings. Specifically, this CVE allows a vm-admin to set VM.other_config:storage_driver_domain and mark a VM as the storage do...

9.4CVSS7.3AI score
Exploits0References1
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-42604

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score
Exploits0References1
CVE
CVE
added 8 hours ago14 views

CVE-2026-23560

Summary: The CVE-2026-23560 issue is described in multiple sources as a RBAC-related vulnerability in XAPI for XenServer/XCP-ng where a vm-admin can modify VM.other-config:is_system_domain to mark a VM as a system domain. This can cause system domains to be ignored or hidden during certain host/p...

9.4CVSS7.3AI score
Exploits0References1
Cvelist
Cvelist
added 8 hours ago5 views

CVE-2026-23560 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
CVE
CVE
added 8 hours ago18 views

CVE-2026-23559

CVE-2026-23559 (and related RBAC issues 23560–23562, 42486) affect XAPI in XenServer/XCP-ng where a vm-admin can abuse RBAC to gain higher privileges, including arbitrary read/modify of dom0 files via VBD.other_config, alter system-domain status, disrupt PBD/storage-domain mappings, and potential...

9.4CVSS7.3AI score
Exploits0References1
Cvelist
Cvelist
added 8 hours ago3 views

CVE-2026-23559 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-42602

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score
Exploits0References1
Xen Project
Xen Project
added 2026/04/28 6:5 p.m.12 views

Multiple RBAC issues in XAPI

ISSUE DESCRIPTION XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.htmlrbac-roles The pool-admin role is fully privileged. Notably, users with this role can als...

9.4CVSS5.4AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1907

Malware in sbrugna...

6.5CVSS6.6AI score0.01036EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 7 : ovirt-engine-backend (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ovirt-engine: connection does not validate certificate attributes. CVE-2014-3706 - Red Hat Enterprise...

6.5CVSS7.3AI score0.01244EPSS
Exploits0References3
Rows per page
Query Builder