CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5661 – Potential Denial of Service affecting XenServer and Citrix Hypervisor
https://notcve.org/view.php?id=CVE-2024-5661
13 Jun 2024 — An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. Se ha identificado un problema tanto en XenServer 8 como en Citrix Hypervisor 8.2 CU1 LTSR que puede permitir que un administrador malintencionado de una máquina virtual invitada haga que el host se vuelva lento o no responda. • https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-19961 – Debian Security Advisory 4369-1
https://notcve.org/view.php?id=CVE-2018-19961
08 Dec 2018 — An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. Se ha descubierto un problema en Xen hasta las versiones 4.11.x en plataformas AMD x86, que podría permitir que usuarios invitados del sistema operativo obtengan privilegios del host del sistema operativo. Esto se debe a que los vaciados TLB no siempre ocurren tras cambios en el mapeo de IOMMU. Multiple vulnerabil... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html • CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-19962 – Debian Security Advisory 4369-1
https://notcve.org/view.php?id=CVE-2018-19962
08 Dec 2018 — An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. Se ha descubierto un problema en Xen hasta las versiones 4.11.x en plataformas AMD x86, que podría permitir que usuarios invitados del sistema operativo obtengan privilegios del host del sistema operativo. Esto se debe a que los mapeos de IOMMU pequeños se combinan de forma insegura con mapeos más grandes. Multipl... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2018-19965 – Debian Security Advisory 4369-1
https://notcve.org/view.php?id=CVE-2018-19965
08 Dec 2018 — An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation. Se ha descubierto un problema en Xen 4.11.x que permite que usuarios PV invitados del sistema operativo de 64 bits provoquen una denegación de servicio (cierre inesperado del sistema operativo del host) debi... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2016-3712 – qemu-kvm: Out-of-bounds read when creating weird vga screen surface
https://notcve.org/view.php?id=CVE-2016-3712
10 May 2016 — Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. Desbordamiento de entero en el módulo VGA en QEMU permite a usuarios de SO invitado locales provocar una denegación de servicio (lectura fuera de límites y caída de proceso QEMU) editando registros VGA en modo VBE. An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA r... • http://rhn.redhat.com/errata/RHSA-2016-2585.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 47EXPL: 0CVE-2016-3710 – qemu: incorrect banked access bounds checking in vga module
https://notcve.org/view.php?id=CVE-2016-3710
09 May 2016 — The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue. El módulo VGA en QEMU lleva a cabo incorrectamente comprobaciones de límites sobre acceso almacenado a la memoria de vídeo, lo que permite a administradores locales de SO invitado ejecutar código arbitrario sobre el anfitrión cambiando los modos de ac... • http://rhn.redhat.com/errata/RHSA-2016-0724.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 52%CPEs: 58EXPL: 0CVE-2015-7704 – ntp: disabling synchronization via crafted KoD packet
https://notcve.org/view.php?id=CVE-2015-7704
21 Oct 2015 — The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. El cliente ntpd en NTP 4.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando una serie de mensajes "KOD" manipulados. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use thi... • http://bugs.ntp.org/show_bug.cgi?id=2901 • CWE-20: Improper Input Validation •