Lucene search

18 matches found

CVE
added 2026/06/18 1:46 p.m. | 46 views

CVE-2026-42487

CVE-2026-42487 concerns the Xen hypervisor’s handling of x86 HVM I/O port list traversal. The root cause stated in the sources is that traversal of the linked list used for guest I/O port accesses requires synchronization with updates to the translation/mapping (XEN_DOMCTL_ioport_mapping), but th...

CVSS 7.9 | AI score 5.2 | EPSS 0.00095
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2012-6188

Malware in sbrugna...

CVSS 4.7 | AI score 6.1 | EPSS 0.00395
Exploits: 0 | References: 14

OSV
added 2025/07/03 1:59 p.m. | 7 views

CLSA-2025-1751551161 Update of grub2

Improve Xen detection so we don't set GRUB_ENABLE_BLSCFG=false for HVM domU guests - Debrand for Cloudlinux...

AI score 5.8
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/05 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-49101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xen: delay xen_hvm_init_time_ops if kdump is boot on vcpu=32 The sched_clock can be used very ear...

AI score 7.2
Exploits: 0 | References: 1

Cvelist
added 2025/02/26 1:54 a.m. | 11 views

CVE-2022-49101

...

Exploits: 0

SUSE CVE
added 2024/01/31 2:55 a.m. | 3 views

SUSE CVE-2023-46840

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...

CVSS 4.1 | AI score 7.2 | EPSS 0.00264
Exploits: 0 | References: 5

OSV
added 2022/03/10 5:44 p.m. | 7 views

AZL-8965 CVE-2021-4095 affecting package kernel for versions less than 5.15.37.1-2

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This fl...

CVSS 5.5 | AI score 7.3 | EPSS 0.00387
Exploits: 1 | References: 1

Tenable Nessus
added 2021/02/19 12:0 a.m. | 43 views

Debian DLA-2560-1 : qemu security update

Several vulnerabilities were discovered in QEMU, a fast processor emulator notably used in KVM and Xen HVM virtualization. An attacker could trigger a denial of service (DoS), information leak, and possibly execute arbitrary code with the privileges of the QEMU process on the host. CVE-2020-15469 A...

CVSS 7.5 | AI score 7.4 | EPSS 0.0183
Exploits: 3 | References: 11

Cvelist
added 2021/01/26 7:58 p.m. | 27 views

CVE-2021-3308

An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors...

AI score 5.9 | EPSS 0.00417
Exploits: 0 | References: 4

Tenable Nessus
added 2020/06/18 12:0 a.m. | 255 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1538-1)

This update for qemu fixes the following issues: Security issues fixed: CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code (bsc#1166240). CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). CVE-2020-1983: Fixed a use-after-free in the ipreass...

CVSS 7.8 | AI score 6.4 | EPSS 0.04027
Exploits: 1 | References: 23

Tenable Nessus
added 2019/09/23 12:0 a.m. | 45 views

Debian DLA-1927-1 : qemu security update

Several vulnerabilities were found in QEMU, a fast processor emulator notably used in KVM and Xen HVM virtualization. CVE-2016-5126 Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or...

CVSS 8.8 | AI score 7.5 | EPSS 0.16658
Exploits: 4 | References: 10

OPENSUSE Linux
added 2018/04/13 12:9 a.m. | 82 views

Security update for libvirt (important)

This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" var2 (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...

CVSS 4.7 | AI score 0.1 | EPSS 0.74041
Exploits: 8 | References: 10

Tenable Nessus
added 2018/04/12 12:0 a.m. | 44 views

SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0920-1) (Spectre)

This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' var2 (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...

CVSS 7.8 | AI score 7.1 | EPSS 0.74041
Exploits: 8 | References: 17

OSV
added 2014/10/02 2:55 p.m. | 2 views

DEBIAN-CVE-2014-7188

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors...

CVSS 8.3 | AI score 8.7 | EPSS 0.00858
Exploits: 0 | References: 1

Debian CVE
added 2014/10/02 2:0 p.m. | 34 views

CVE-2014-7155

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4)...

CVSS 5.8 | AI score 5.9 | EPSS 0.00968
Exploits: 0

Tenable Nessus
added 2014/05/26 12:0 a.m. | 38 views

Fedora 20 : libvirt-1.1.3.5-2.fc20 (2014-6586)

Fix xen hvm VNC port (bz 1094262) - CVE-2014-0179: Unsafe XML parsing (bz 1094792, bz 1088290) - Fix failure to start xen instances (rackspace in particular) (bz 1098376) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

CVSS 1.9 | AI score 6.9 | EPSS 0.0056
Exploits: 0 | References: 3

myhack58
added 2013/06/21 12:0 a.m. | 45 views

SolusVM 1.13.03 (US VPS management system) SQL injection vulnerability with exploit - vulnerability warning

SolusVM is a powerful graphical VPS management system that can simultaneously manage three kinds of virtualization technology: OpenVZ, Xen paravirtualization and Xen HVM. US VPS customers who use this software feel it is very safe and convenient. Poor...

AI score 1.2
Exploits: 0

OpenVAS
added 2011/01/31 12:0 a.m. | 31 views

CentOS Update for kernel CESA-2010:0936 centos4 i386

The remote host is missing an update for the...

CVSS 7.8 | AI score 5.5 | EPSS 0.05542
Exploits: 0 | References: 2