Page 4 of 18 results (0.006 seconds)

CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0

Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags." Citrix XenServer v5.0 Update 2 y anteriores, y v5.5 Update 1 y anteriores, cuando se utiliza un kernel pvops, permite causar una denegación de servicio a los usuarios invitados en el host a través de vectores no especificados que se generan "banderas con valores incorrectos". • http://secunia.com/advisories/40282 http://support.citrix.com/article/CTX125319 http://www.securitytracker.com/id?1024157 http://www.vupen.com/english/advisories/2010/1613 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors. Vulnerabilidad sin especificar en Citrix XenServer v5.0 Update 3 y anteriores, y v5.5, permite a usuarios locales evitar la autenticación y ejecutar llamadas API (XAPI) sin especificar a través de vectores desconocidos. • http://secunia.com/advisories/38431 http://support.citrix.com/article/CTX123193 http://support.citrix.com/article/CTX123456 http://support.citrix.com/article/CTX123460 http://www.securityfocus.com/bid/38052 http://www.securitytracker.com/id?1023530 http://www.vupen.com/english/advisories/2010/0290 •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados en las interfaces XenAPI HTTP en Citrix XenServer Express, Standard, y Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express y Enterprise) 4.1.0; y HP integrated Citrix XenServer (Select y Enterprise) 4.1.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://secunia.com/advisories/31133 http://support.citrix.com/article/CTX117814 http://www.securityfocus.com/bid/30265 http://www.securitytracker.com/id?1020515 http://www.vupen.com/english/advisories/2008/2117/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43857 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •