Search Results (103 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4700 1 Citrix 1 Xendesktop 2025-04-12 N/A
Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspecified vectors.
CVE-2014-4948 1 Citrix 1 Xenserver 2025-04-12 N/A
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).
CVE-2015-4106 6 Canonical, Citrix, Debian and 3 more 8 Ubuntu Linux, Xenserver, Debian Linux and 5 more 2025-04-12 N/A
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
CVE-2016-6493 1 Citrix 2 Xenapp, Xendesktop 2025-04-12 N/A
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
CVE-2016-4810 1 Citrix 2 Xenapp, Xendesktop 2025-04-12 N/A
Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
CVE-2012-3516 2 Citrix, Xen 2 Xenserver, Xen 2025-04-11 N/A
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.
CVE-2011-1898 2 Citrix, Redhat 3 Xen, Enterprise Linux, Rhel Eus 2025-04-11 N/A
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
CVE-2012-3494 2 Citrix, Xen 2 Xenserver, Xen 2025-04-11 N/A
The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register.
CVE-2011-1583 2 Citrix, Redhat 2 Xen, Enterprise Linux 2025-04-11 N/A
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
CVE-2012-3495 2 Citrix, Xen 2 Xenserver, Xen 2025-04-11 N/A
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.
CVE-2012-3498 2 Citrix, Xen 2 Xenserver, Xen 2025-04-11 N/A
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.
CVE-2012-0217 9 Citrix, Freebsd, Illumos and 6 more 13 Xenserver, Freebsd, Illumos and 10 more 2025-04-11 N/A
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
CVE-2011-3262 2 Citrix, Redhat 2 Xen, Enterprise Linux 2025-04-11 N/A
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
CVE-2012-3496 2 Citrix, Xen 2 Xenserver, Xen 2025-04-11 N/A
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.
CVE-2013-6077 1 Citrix 1 Xendesktop 2025-04-11 N/A
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.
CVE-2014-1663 1 Citrix 2 Xenmobile Device Manager, Xenmobile Device Manager Mdm 2025-04-11 N/A
Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2010-4255 2 Citrix, Redhat 2 Xen, Enterprise Linux 2025-04-11 N/A
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
CVE-2010-4247 3 Citrix, Linux, Redhat 3 Xen, Linux Kernel, Enterprise Linux 2025-04-11 N/A
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
CVE-2010-2619 1 Citrix 1 Xenserver 2025-04-11 N/A
Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."
CVE-2012-5512 1 Citrix 1 Xenserver 2025-04-11 N/A
Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.