Lucene search
K

141 matches found

Xen Project
Xen Project
added 2026/04/28 12:0 p.m.9 views

Xenstored DoS via XS_RESET_WATCHES command

ISSUE DESCRIPTION Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define...

6.5CVSS5.3AI score0.00158EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-5405

Malware in sbrugna...

6.9CVSS8.5AI score0.00406EPSS
Exploits4References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-4251

Malware in sbrugna...

1.9CVSS6AI score0.00343EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-0197

Malware in sbrugna...

1.9CVSS6AI score0.00372EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-5044

Malware in sbrugna...

4.7CVSS9.1AI score0.00428EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-2150

Malware in sbrugna...

6.9CVSS6.1AI score0.00375EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-3450

Malware in sbrugna...

2.1CVSS8.5AI score0.00437EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-1916

Malware in sbrugna...

3.3CVSS8.5AI score0.00344EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2013-2194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified...

6.9CVSS5.9AI score0.00375EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2012-4544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk 1 before or 2 after decompression, which allows local guest...

2.1CVSS7.3AI score0.0042EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.3 views

SUSE CVE-2013-0152

Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service host memory consumption by performing nested virtualization in a way that triggers errors that are not properly handled...

4.7CVSS6.3AI score0.00373EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.6 views

SUSE CVE-2014-1895

Off-by-one error in the flasksecurityavccachestats function in xsm/flask/flaskop.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service host crash or obtain sensitive information from hypervisor memory by leveraging a...

5.8CVSS6.1AI score0.00525EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2015/10/30 10:34 a.m.27 views

CVE-2012-3497

1 TMEMCSAVEGETCLIENTWEIGHT, 2 TMEMCSAVEGETCLIENTCAP, 3 TMEMCSAVEGETCLIENTFLAGS and 4 TMEMCSAVEEND in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service NULL pointer dereference or memory corruption and host crash or possibly have other...

6.9CVSS7.6AI score0.00396EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2015/10/30 9:21 a.m.24 views

CVE-2012-6031

The dotmemget function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service CPU hang and host crash via unspecified vectors related to a spinlock being held in the "badcopy error path." NOTE: this issue was originally published as part o...

6.9CVSS6.5AI score0.00396EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2015/10/30 9:18 a.m.28 views

CVE-2012-6035

The dotmemdestroypool function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service memory corruption and host crash or execute arbitrary code via unspecified vectors. NOTE: this issue was...

6.9CVSS8.1AI score0.0042EPSS
Exploits0References2
Xen Project
Xen Project
added 2015/06/11 12:0 p.m.47 views

GNTTABOP_swap_grant_ref operation misbehavior

ISSUE DESCRIPTION With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest issued...

4.9CVSS8.8AI score0.00439EPSS
Exploits0Affected Software1
NVD
NVD
added 2015/01/07 7:59 p.m.18 views

CVE-2015-0361

Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service system crash via a crafted hypercall during HVM guest teardown...

7.8CVSS8.1AI score0.02513EPSS
Exploits0References8
CVE
CVE
added 2015/01/07 7:0 p.m.63 views

CVE-2015-0361

CVE-2015-0361 : Use-after-free in Xen 4.2.x/4.3.x/4.4.x allows remote domains to crash the system via a crafted hypercall during HVM guest teardown. The initial description does not provide exploit details beyond this, and no remediation or affected patch version is stated in the provided documen...

7.8CVSS5.2AI score0.02513EPSS
Exploits0References8Affected Software1
Xen Project
Xen Project
added 2014/12/08 12:0 p.m.74 views

p2m lock starvation

ISSUE DESCRIPTION The current read/write lock implementation is read-biased, which allows a consistent stream of readers to starve writers indefinitely. There are certain rwlocks where guests are capable of applying arbitrary read pressure. IMPACT A malicious guest administrator can deny service ...

4.7CVSS8.9AI score0.00398EPSS
Exploits0Affected Software1
NVD
NVD
added 2014/08/22 2:55 p.m.22 views

CVE-2014-5146

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging HAP, are not preemptible, which allows local HVM guest to cause a denial of service vcpu consumption by invoking these operations, which process every page assigned to ...

4.7CVSS8.1AI score0.00428EPSS
Exploits0References9
Rows per page
Query Builder