|
256631
|
7.8 |
HIGH
Local
|
radare
|
radare2
|
The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecifie…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10929
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256632
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-10928
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256633
|
6.5 |
MEDIUM
Network
|
xen
|
xen
|
Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.
|
CWE-20
Improper Input Validation
|
CVE-2017-10923
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256634
|
7.5 |
HIGH
Network
|
xen
|
xen
|
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10922
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256635
|
10.0 |
CRITICAL
Network
|
xen
|
xen
|
The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (coun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10921
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256636
|
10.0 |
CRITICAL
Network
|
xen
|
xen
|
The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a deni…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10920
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256637
|
6.5 |
MEDIUM
Network
|
xen
|
xen
|
Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
|
NVD-CWE-noinfo
|
CVE-2017-10919
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256638
|
10.0 |
CRITICAL
Network
|
xen
|
xen
|
Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
|
CWE-20
Improper Input Validation
|
CVE-2017-10918
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256639
|
9.1 |
CRITICAL
Network
|
xen
|
xen
|
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly o…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-10917
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256640
|
7.5 |
HIGH
Network
|
xen
|
xen
|
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS user…
|
CWE-200
Information Exposure
|
CVE-2017-10916
|
2024-11-21 12:06 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
