xen
511 tracked vulnerabilities.
CVE-2017-12136
HIGH
Xen 4.6.x-4.9.x - DoS/Privilege Escalation
Aug 24, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-12135
HIGH
Xen - Denial of Service via Transitive Grants
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12134
HIGH
Xen - Incorrect Block IO Merge Calculation Leading to Privilege Escalation
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12855
MEDIUM
Xen 4.5-4.9 - Exposure of Sensitive Information via Grant Table Status Bits
Aug 15, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-10923
MEDIUM
Xen through 4.8.x - Denial of Service via Invalid vCPU Array Index in SGI Handling
Jul 05, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-10922
HIGH
Xen < 4.8.1 - Denial of Service via Grant-Table MMIO Region Grant References
Jul 05, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-10921
CRITICAL
Xen < 4.8.1 - Memory Corruption via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-10920
CRITICAL
Xen < 4.8.1 - Memory Corruption and Privilege Escalation via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-10919
MEDIUM
Xen < 4.8.1 - Denial of Service via Virtual Interrupt Injection
Jul 05, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-10918
CRITICAL
Xen < 4.8.1 - Privilege Escalation via P2M Memory Allocation
Jul 05, 2017
CVSS 10.0
EPSS 0.04
CVE-2017-10917
CRITICAL
Xen < 4.8.1 - Denial of Service via Unvalidated Event Channel Port Numbers
Jul 05, 2017
CVSS 9.1
EPSS 0.03
CVE-2017-10916
HIGH
Xen through 4.8.x - Information Exposure via vCPU Context-Switch and MPX/PKU Interaction
Jul 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-10915
CRITICAL
Xen < 4.8.1 - Race Condition in Shadow-Paging Feature
Jul 05, 2017
CVSS 9.0
EPSS 0.02
CVE-2017-10914
HIGH
Xen < 4.8.1 - Race Condition in Grant-Table Feature
Jul 05, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-10913
CRITICAL
Xen < 4.8.1 - Information Disclosure and Privilege Escalation via Grant-Table Concurrent Unmap
Jul 05, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-10912
CRITICAL
Xen < 4.8.1 - Privilege Escalation via Page Transfer Mishandling
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-8905
HIGH
Xen through 4.6.x - Arbitrary Code Execution via Failsafe Callback Mishandling
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-8904
HIGH
Xen through 4.8.x - Arbitrary Code Execution via GNTTABOP_transfer Mishandling
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-8903
HIGH
Xen through 4.8.x - Arbitrary Code Execution via IRET Hypercall
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-7995
LOW
Xen < 4.2.5 - Information Disclosure via MMIO Range Access Permission Check
May 03, 2017
CVSS 3.8
EPSS 0.00
CVE-2017-7228
HIGH
Xen 4.4.x-4.8.x - Improper Validation of Array Index in XENMEM_exchange
Apr 04, 2017
CVSS 8.2
EPSS 0.02
CVE-2016-9818
MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort Handling
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9817
MEDIUM
Xen through 4.7.x - Denial of Service via ARM Guest Abort Handling
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9816
MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort at EL2
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9815
MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort
Feb 27, 2017
CVSS 6.5
EPSS 0.00