Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-17340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests...

8.8CVSS6.8AI score0.00353EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.10 views

CVE-2021-28705

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

7.8CVSS6.5AI score0.00338EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.3 views

SUSE CVE-2018-12891

An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions...

2.5CVSS6.7AI score0.00435EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.6 views

SUSE CVE-2018-19964

An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...

5.6CVSS6.5AI score0.00357EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.3 views

SUSE CVE-2019-17340

An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled...

7CVSS7.2AI score0.00353EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.1 views

SUSE CVE-2019-17347

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...

7.8CVSS7.3AI score0.00352EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.2 views

SUSE CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...

6.5CVSS6.8AI score0.00378EPSS
Exploits0References8
Xen Project
Xen Project
added 2022/04/05 12:0 p.m.60 views

race in VT-d domain ID cleanup

ISSUE DESCRIPTION Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping...

7CVSS0.6AI score0.00248EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/01/25 2:15 p.m.22 views

CVE-2022-23035

Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent yet at the time...

4.6CVSS7AI score
Exploits0References5
NVD
NVD
added 2021/11/24 2:15 a.m.22 views

CVE-2021-28705

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

7.8CVSS0.00333EPSS
Exploits0References5
OSV
OSV
added 2021/11/24 2:15 a.m.1 views

UBUNTU-CVE-2021-28705

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

7.8CVSS7.2AI score0.00333EPSS
Exploits0References3
OSV
OSV
added 2021/11/24 2:15 a.m.1 views

UBUNTU-CVE-2021-28709

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

7.8CVSS7.2AI score0.00338EPSS
Exploits0References3
OSV
OSV
added 2021/11/24 1:15 a.m.2 views

DEBIAN-CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

8.8CVSS8AI score0.00328EPSS
Exploits0References1
OSV
OSV
added 2021/11/24 1:15 a.m.25 views

CVE-2021-28707

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

8.8CVSS6.6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/12/02 6:15 p.m.21 views

CVE-2020-29040

An off-by-one flaw was found in one of the two patches for CVE-2020-27671 XSA-346. This flaw allows malicious x86 HVM and PVH guests to cause host data corruption and data leaks, resulting in a denial of service or potential privilege escalation. The highest threat from this vulnerability is to...

8.8CVSS2.6AI score0.00373EPSS
Exploits0References4
OSV
OSV
added 2019/12/11 6:16 p.m.4 views

ALPINE-CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...

6.5CVSS6.6AI score0.00378EPSS
Exploits0References1
OSV
OSV
added 2019/10/31 2:15 p.m.1 views

UBUNTU-CVE-2019-18420

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...

6.5CVSS6.6AI score0.02522EPSS
Exploits0References5
OSV
OSV
added 2017/10/18 8:29 a.m.2 views

UBUNTU-CVE-2017-15590

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...

8.8CVSS7.3AI score0.0041EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/10/09 12:0 a.m.36 views

Debian DLA-1128-1 : qemu-kvm security update

Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2017-14167 Incorrect validation of multiboot headers could result in the execution of arbitrary code. CVE-2017-15038 When using...

8.8CVSS6.8AI score0.00603EPSS
Exploits0References4
Debian
Debian
added 2017/10/08 4:45 p.m.45 views

[SECURITY] [DLA 1128-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u24 CVE ID : CVE-2017-14167 CVE-2017-15038 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2017-14167 Incorrect validation of...

8.8CVSS7AI score0.00603EPSS
Exploits0
Rows per page
Query Builder