Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2021/06/11 3:15 p.m.1 views

ALPINE-CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

5.5CVSS7AI score0.00045EPSS
Exploits0References1
NVD
NVDadded 2018/07/02 5:29 p.m.17 views

CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

9.9CVSS9.3AI score0.02771EPSS
Exploits0References6
FreeBSD
FreeBSDadded 2015/03/31 12:0 a.m.30 views

xen-kernel and xen-tools -- Long latency MMIO mapping operations are not preemptible

The Xen Project reports: The XENDOMCTLmemorymapping hypercall allows long running operations without implementing preemption. This hypercall is used by the device model as part of the emulation associated with configuration of PCI devices passed through to HVM guests and is therefore indirectly...

4.9CVSS6.6AI score0.00122EPSS
Exploits0References1
Xen Project
Xen Projectadded 2014/06/17 11:44 a.m.21 views

unexpected pitfall in xenaccess API

ISSUE DESCRIPTION A test/example program, for exercising the Xen memaccess API, does not take all necessary precautions against hostile guest behaviour. As a result, software developers using it as an example or template might have written and deployed vulnerable code. See the patch for technical...

1.1AI score
Exploits0
Xen Project
Xen Projectadded 2014/02/12 12:0 p.m.70 views

use-after-free in xc_cpupool_getinfo() under memory pressure

ISSUE DESCRIPTION If xccpumapalloc fails then xccpupoolgetinfo will free and incorrectly return the then-free pointer to the result structure. IMPACT An attacker may be able to cause a multi-threaded toolstack using this function to race against itself leading to heap corruption and a potential...

4.6CVSS5.2AI score0.00083EPSS
Exploits0
Xen Project
Xen Projectadded 2013/10/10 12:0 p.m.79 views

misplaced free in ocaml xc_vcpu_getaffinity stub

ISSUE DESCRIPTION The ocaml binding for the xcvcpugetaffinity function incorrectly frees a pointer before using it and subsequently freeing it again afterwards. The code therefore contains a use-after-free and double-free flaws. IMPACT An attacker may be able to cause a multithreaded toolstack...

4.6CVSS0.8AI score0.00086EPSS
Exploits0
Rows per page
Query Builder