Shodan
Vulnerabilities
Vulnerable Software
Citrix:  Security Vulnerabilities
CVE-2016-9381
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-01-23
CVE-2016-9382
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-01-23
CVE-2016-9383
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-01-23
CVE-2016-9385
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
CVSS Score
6.0
EPSS Score
0.004
Published
2017-01-23
CVE-2016-9386
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-01-23
CVE-2016-9679
Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer.
CVSS Score
9.8
EPSS Score
0.032
Published
2017-01-18
CVE-2016-9680
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.019
Published
2017-01-18
CVE-2016-9676
Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.041
Published
2017-01-18
CVE-2016-9677
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.015
Published
2017-01-18
CVE-2016-9678
Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.031
Published
2017-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved