xen

496 tracked vulnerabilities.

CVE-2017-15591 MEDIUM
Xen 4.5.x-4.9.x - Denial of Service via DMOP Map/Unmap Implementation
Oct 18, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-15590 HIGH
Xen through 4.9.x - Denial of Service or Privilege Escalation via MSI Mapping Mishandling
Oct 18, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-15589 MEDIUM
Xen through 4.9.x - Unauthenticated Exposure of Sensitive Information via Intercepted I/O Operations
Oct 18, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-15588 HIGH
Xen through 4.9.x - Race Condition Leading to Arbitrary Code Execution via Stale TLB Entry
Oct 18, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-14431 MEDIUM
Xen 3.3-4.8.x - Denial of Service via Memory Leak in Guest Reboot Handling
Sep 13, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-14319 HIGH
Xen < 4.9.0 - Grant Unmapping Page Table Desynchronization
Sep 12, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-14318 MEDIUM
Xen 4.5.x-4.9.x - Privilege Escalation
Sep 12, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-14317 MEDIUM
Xen < 4.9.0 - Denial of Service via cxenstored Double-Free Race Condition
Sep 12, 2017
CVSS 5.6
EPSS 0.00
CVE-2017-14316 HIGH
Xen < 4.9.0 - Out-of-bounds Read via MEMF_get_node Parameter
Sep 12, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12137 HIGH
Xen - Privilege Escalation via map_grant_ref in arch/x86/mm.c
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12136 HIGH
Xen 4.6.x-4.9.x - DoS/Privilege Escalation
Aug 24, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-12135 HIGH
Xen - Denial of Service via Transitive Grants
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12134 HIGH
Xen - Incorrect Block IO Merge Calculation Leading to Privilege Escalation
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12855 MEDIUM
Xen 4.5-4.9 - Exposure of Sensitive Information via Grant Table Status Bits
Aug 15, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-10923 MEDIUM
Xen through 4.8.x - Denial of Service via Invalid vCPU Array Index in SGI Handling
Jul 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-10922 HIGH
Xen < 4.8.1 - Denial of Service via Grant-Table MMIO Region Grant References
Jul 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-10921 CRITICAL
Xen < 4.8.1 - Memory Corruption via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.01
CVE-2017-10920 CRITICAL
Xen < 4.8.1 - Memory Corruption and Privilege Escalation via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.01
CVE-2017-10919 MEDIUM
Xen < 4.8.1 - Denial of Service via Virtual Interrupt Injection
Jul 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-10918 CRITICAL
Xen < 4.8.1 - Privilege Escalation via P2M Memory Allocation
Jul 05, 2017
CVSS 10.0
EPSS 0.02
CVE-2017-10917 CRITICAL
Xen < 4.8.1 - Denial of Service via Unvalidated Event Channel Port Numbers
Jul 05, 2017
CVSS 9.1
EPSS 0.01
CVE-2017-10916 HIGH
Xen through 4.8.x - Information Exposure via vCPU Context-Switch and MPX/PKU Interaction
Jul 05, 2017
CVSS 7.5
EPSS 0.00
CVE-2017-10915 CRITICAL
Xen < 4.8.1 - Race Condition in Shadow-Paging Feature
Jul 05, 2017
CVSS 9.0
EPSS 0.00
CVE-2017-10914 HIGH
Xen < 4.8.1 - Race Condition in Grant-Table Feature
Jul 05, 2017
CVSS 8.1
EPSS 0.01
CVE-2017-10913 CRITICAL
Xen < 4.8.1 - Information Disclosure and Privilege Escalation via Grant-Table Concurrent Unmap
Jul 05, 2017
CVSS 9.8
EPSS 0.01
Products
xen 490 Xen 6 xapi 3 qemu 1 xen-unstable 1 xen_flask_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV