Max CVSS 7.2 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-9381 6.9
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
23-10-2020 - 16:29 23-01-2017 - 21:59
CVE-2016-9637 3.7
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
08-02-2018 - 02:29 17-02-2017 - 02:59
CVE-2016-9932 2.1
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
04-11-2017 - 01:29 26-01-2017 - 15:59
CVE-2016-10024 4.9
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
04-11-2017 - 01:29 26-01-2017 - 15:59
CVE-2016-9818 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
28-07-2017 - 01:29 27-02-2017 - 22:59
CVE-2016-9816 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.
28-07-2017 - 01:29 27-02-2017 - 22:59
CVE-2016-9378 2.1
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software
28-07-2017 - 01:29 22-02-2017 - 16:59
CVE-2016-9815 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
28-07-2017 - 01:29 27-02-2017 - 22:59
CVE-2016-9817 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.
28-07-2017 - 01:29 27-02-2017 - 22:59
CVE-2016-9384 2.1
Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.
28-07-2017 - 01:29 22-02-2017 - 16:59
CVE-2016-9377 2.1
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.
28-07-2017 - 01:29 22-02-2017 - 16:59
CVE-2016-9386 4.6
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
01-07-2017 - 01:30 23-01-2017 - 21:59
CVE-2016-9385 4.9
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
01-07-2017 - 01:30 23-01-2017 - 21:59
CVE-2016-9383 7.2
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emu
01-07-2017 - 01:30 23-01-2017 - 21:59
CVE-2016-9379 4.6
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration
01-07-2017 - 01:30 23-01-2017 - 21:59
CVE-2016-9380 4.6
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
01-07-2017 - 01:30 23-01-2017 - 21:59
CVE-2016-9382 4.6
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switchi
01-07-2017 - 01:30 23-01-2017 - 21:59
Back to Top Mark selected
Back to Top