Citrix: >> Xenserver >> 6.1.0 Security Vulnerabilities
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
CVSS Score
6.5
EPSS Score
0.046
Published
2019-07-11
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
CVSS Score
9.8
EPSS Score
0.01
Published
2016-06-13
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-05-11
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
CVSS Score
8.8
EPSS Score
0.002
Published
2016-05-11
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2015-06-03