cbcvebase.

Xensource Inc Xen vulnerabilities

6 known vulnerabilities affecting xensource_inc/xen.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM5LOW1

Vulnerabilities

Page 1 of 1
CVE-2007-4993P4MEDIUMCVSS 6.9PoCv3.0.32007-09-27
CVE-2007-4993 [MEDIUM] CWE-20 CVE-2007-4993: pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
nvd
CVE-2007-3919P4MEDIUMCVSS 6.0v3.0.3_0_1v3.0.3_0_32007-10-28
CVE-2007-3919 [MEDIUM] CWE-59 CVE-2007-3919: (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
nvd
CVE-2008-1619P4MEDIUMCVSS 4.3v5.12008-04-02
CVE-2008-1619 [MEDIUM] CVE-2008-1619: The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service ( The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool.
nvd
CVE-2007-5907P4MEDIUMCVSS 4.7v3.1.12007-11-09
CVE-2007-5907 [MEDIUM] CWE-264 CVE-2007-5907: Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
nvd
CVE-2007-5906P4MEDIUMCVSS 4.7v3.1.12007-11-09
CVE-2007-5906 [MEDIUM] CVE-2007-5906: Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
nvd
CVE-2007-6207P4LOWCVSS 2.1≤ 3.1.12007-12-04
CVE-2007-6207 [LOW] CWE-20 CVE-2007-6207: Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_t Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
nvd
Xensource Inc Xen vulnerabilities | cvebase