|
224751
|
6.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of…
|
NVD-CWE-noinfo
|
CVE-2019-17345
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224752
|
6.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
|
CWE-662
Improper Synchronization
|
CVE-2019-17344
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224753
|
6.8 |
MEDIUM
Physics
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
|
CWE-667
Improper Locking
|
CVE-2019-17343
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224754
|
7.0 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introdu…
|
CWE-362
Race Condition
|
CVE-2019-17342
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224755
|
7.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passe…
|
CWE-362
Race Condition
|
CVE-2019-17341
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224756
|
8.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-17340
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224757
|
6.5 |
MEDIUM
Local
|
xen
linux
|
xen
linux_kernel
|
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-17351
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224758
|
5.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-17350
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224759
|
7.2 |
HIGH
Network
|
sugarcrm
|
sugarcrm
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user.
|
CWE-22
Path Traversal
|
CVE-2019-17314
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224760
|
8.8 |
HIGH
Network
|
sugarcrm
|
sugarcrm
|
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user.
|
CWE-22
Path Traversal
|
CVE-2019-17313
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
