Lucene search

K

12 matches found

CVE
CVE
added 2016/05/11 9:59 p.m.133 views

CVE-2016-3710

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

8.8CVSS8.7AI score0.00086EPSS
CVE
CVE
added 2012/06/12 10:55 p.m.122 views

CVE-2012-0217

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft...

7.2CVSS6.3AI score0.88861EPSS
CVE
CVE
added 2016/05/11 9:59 p.m.98 views

CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

5.5CVSS6.4AI score0.00138EPSS
CVE
CVE
added 2016/01/22 3:59 p.m.89 views

CVE-2016-1571

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a ...

6.3CVSS6.1AI score0.00297EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.59 views

CVE-2012-3494

The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register.

2.1CVSS6.1AI score0.00112EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.57 views

CVE-2012-3498

PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.

5.6CVSS5.9AI score0.00068EPSS
CVE
CVE
added 2016/06/13 2:59 p.m.56 views

CVE-2016-5302

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.

9.8CVSS9.4AI score0.01036EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.55 views

CVE-2012-3496

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.

4.7CVSS6AI score0.00093EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.48 views

CVE-2012-3495

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (in...

6.1CVSS6.3AI score0.00081EPSS
CVE
CVE
added 2010/07/02 8:30 p.m.43 views

CVE-2010-2619

Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."

1.9CVSS6.5AI score0.00094EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.41 views

CVE-2012-3516

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hyperv...

6.9CVSS6.8AI score0.00081EPSS
CVE
CVE
added 2010/02/12 10:30 p.m.40 views

CVE-2010-0633

Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.

4.6CVSS6.9AI score0.00066EPSS