Xenserver

xenserver

Vendor: Citrix • 50 CVEs

CVEs (50)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-5572 1Citrix 1Xenserver May 13, 2026 Jan 30, 2017 N/A· v4 6.5 MEDIUM· v3 5.5 MEDIUM· v2 An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
CVE-2016-10025 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 26, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointe...Show more VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.Show less
CVE-2016-10024 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 26, 2017 N/A· v4 6.0 MEDIUM· v3 4.9 MEDIUM· v2 Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
CVE-2016-9386 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
CVE-2016-9385 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 6.0 MEDIUM· v3 4.9 MEDIUM· v2 The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
CVE-2016-9383 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the...Show more Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.Show less
CVE-2016-9382 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system t...Show more Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.Show less
CVE-2016-9381 2Citrix Qemu 2Qemu Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 6.9 MEDIUM· v2 Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
CVE-2016-9380 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 4.6 MEDIUM· v2 The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader confi...Show more The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.Show less
CVE-2016-9379 2Citrix Xen 2Xen Xenserver May 13, 2026 Jan 23, 2017 N/A· v4 7.9 HIGH· v3 4.6 MEDIUM· v2 The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in...Show more The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.Show less
CVE-2016-6259 2Citrix Xen 2Xen Xenserver May 6, 2026 Aug 2, 2016 N/A· v4 6.2 MEDIUM· v3 4.9 MEDIUM· v2 Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hyperviso...Show more Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.Show less
CVE-2016-6258 2Citrix Xen 2Xen Xenserver May 6, 2026 Aug 2, 2016 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
CVE-2016-5302 1Citrix 1Xenserver May 6, 2026 Jun 13, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Act...Show more Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.Show less
CVE-2016-3712 6Canonical CitrixDebian+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more May 6, 2026 May 11, 2016 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
CVE-2016-3710 7Canonical CitrixDebian+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Server+12 more May 6, 2026 May 11, 2016 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the ban...Show more The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.Show less
CVE-2015-8555 2Citrix Xen 2Xen Xenserver May 6, 2026 Apr 13, 2016 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive i...Show more Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.Show less
CVE-2016-1571 2Citrix Xen 2Xen Xenserver May 6, 2026 Jan 22, 2016 N/A· v4 6.3 MEDIUM· v3 4.7 MEDIUM· v2 The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash)...Show more The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.Show less
CVE-2015-4106 6Canonical CitrixDebian+3 more 8Debian Linux FedoraLinux Enterprise Desktop+5 more May 6, 2026 Jun 3, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensiti...Show more QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.Show less
CVE-2014-4948 1Citrix 1Xenserver May 6, 2026 Jul 22, 2014 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).
CVE-2014-4947 1Citrix 1Xenserver May 6, 2026 Jul 22, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.

Previous 123 Next