Xenserver@6.0 Security Vulnerabilities and Issues — Xenserver@6.0 CVE List

Lucene search

CitrixXenserver6.0

8 matches found

CVE•added 2012/06/12 10:55 p.m.•122 views

CVE-2012-0217

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft...

7.2CVSS6.3AI score0.88861EPSS

CVE•added 2019/07/11 8:15 p.m.•105 views

CVE-2014-3798

The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.

6.5CVSS6.3AI score0.04615EPSS

CVE•added 2020/01/23 10:15 p.m.•91 views

CVE-2012-4606

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

7.8CVSS7.6AI score0.00044EPSS

CVE•added 2015/06/03 8:59 p.m.•85 views

CVE-2015-4106

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

4.6CVSS7.6AI score0.00085EPSS

CVE•added 2016/08/02 4:59 p.m.•75 views

CVE-2016-6258

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.

8.8CVSS6.8AI score0.00112EPSS

CVE•added 2016/04/13 3:59 p.m.•65 views

CVE-2015-8555

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.

8.6CVSS7.4AI score0.00551EPSS

CVE•added 2016/08/02 4:59 p.m.•60 views

CVE-2016-6259

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

6.2CVSS6AI score0.00195EPSS

CVE•added 2012/11/23 8:55 p.m.•48 views

CVE-2012-3495

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (in...

6.1CVSS6.3AI score0.00081EPSS