|
253231
|
6.5 |
MEDIUM
Network
|
3cx
|
3cx
|
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInf…
|
CWE-22
Path Traversal
|
CVE-2017-15359
|
2024-11-21 12:14 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253232
|
6.0 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physma…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15596
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253233
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15595
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253234
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotpl…
|
NVD-CWE-noinfo
|
CVE-2017-15594
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253235
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15593
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253236
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishan…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-15592
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253237
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of…
|
CWE-20
Improper Input Validation
|
CVE-2017-15591
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253238
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
|
NVD-CWE-noinfo
|
CVE-2017-15590
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253239
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a…
|
CWE-200
Information Exposure
|
CVE-2017-15589
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253240
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
|
CWE-362
Race Condition
|
CVE-2017-15588
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
