Xenserver Security Vulnerabilities and Issues — Xenserver CVE List

Lucene search

CitrixXenserver

9 matches found

CVE•added 2018/05/08 6:29 p.m.•440 views

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated...

7.8CVSS6.8AI score0.21337EPSS

CVE•added 2018/06/21 8:29 p.m.•321 views

CVE-2018-3665

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

5.6CVSS6AI score0.01319EPSS

CVE•added 2018/12/08 4:29 a.m.•178 views

CVE-2018-19965

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitiga...

5.6CVSS6AI score0.92531EPSS

CVE•added 2018/12/08 4:29 a.m.•169 views

CVE-2018-19962

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

7.8CVSS6.8AI score0.00105EPSS

CVE•added 2018/12/08 4:29 a.m.•168 views

CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.

7.8CVSS6.8AI score0.00108EPSS

CVE•added 2018/07/27 7:29 p.m.•165 views

CVE-2017-2620

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially...

9.9CVSS7.9AI score0.02502EPSS

CVE•added 2018/07/03 1:29 a.m.•135 views

CVE-2017-2615

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or poten...

9.1CVSS7.7AI score0.01049EPSS

CVE•added 2018/07/27 9:29 p.m.•131 views

CVE-2016-9603

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw ...

9.9CVSS8AI score0.01523EPSS

CVE•added 2018/08/15 6:29 p.m.•66 views

CVE-2018-14007

Citrix XenServer 7.1 and newer allows Directory Traversal.

10CVSS9.4AI score0.04529EPSS