Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:xen:xen:4.11.0:*:*:*:*:*:arm:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-9380 |
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file. Published: January 23, 2017; 4:59:02 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 4.6 MEDIUM |
CVE-2016-9379 |
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file. Published: January 23, 2017; 4:59:02 PM -0500 |
V4.0:(not available) V3.0: 7.9 HIGH V2.0: 4.6 MEDIUM |
CVE-2014-3672 |
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. Published: May 25, 2016; 11:59:00 AM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 2.1 LOW |
CVE-2007-5730 |
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability. Published: October 30, 2007; 6:46:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |