CVE-2026-42486
- EPSS -
- Veröffentlicht 09.07.2026 15:16:34
- Zuletzt bearbeitet 09.07.2026 16:33:55
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: http...
CVE-2026-23562
- EPSS -
- Veröffentlicht 09.07.2026 15:15:24
- Zuletzt bearbeitet 09.07.2026 16:33:55
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: http...
CVE-2026-23561
- EPSS -
- Veröffentlicht 09.07.2026 15:13:22
- Zuletzt bearbeitet 09.07.2026 16:33:55
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: http...
CVE-2026-23560
- EPSS -
- Veröffentlicht 09.07.2026 15:12:00
- Zuletzt bearbeitet 09.07.2026 16:33:55
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: http...
CVE-2026-23559
- EPSS -
- Veröffentlicht 09.07.2026 15:09:51
- Zuletzt bearbeitet 09.07.2026 16:33:55
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: h...
CVE-2025-58146
- EPSS -
- Veröffentlicht 09.07.2026 14:42:22
- Zuletzt bearbeitet 09.07.2026 16:33:55
There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2....
CVE-2024-31144
- EPSS 0.2%
- Veröffentlicht 14.02.2025 21:15:15
- Zuletzt bearbeitet 08.01.2026 14:44:12
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The meta...
CVE-2022-33749
- EPSS 0.88%
- Veröffentlicht 11.10.2022 13:15:10
- Zuletzt bearbeitet 21.11.2024 07:08:27
XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out a...
CVE-2020-29487
- EPSS 1.43%
- Veröffentlicht 15.12.2020 18:15:15
- Zuletzt bearbeitet 21.11.2024 05:24:05
An issue was discovered in Xen XAPI before 2020-12-15. Certain xenstore keys provide feedback from the guest, and are therefore watched by toolstack. Specifically, keys are watched by xenopsd, and data are forwarded via RPC through message-switch to ...