xen

511 tracked vulnerabilities.

CVE-2017-12136 HIGH
Xen 4.6.x-4.9.x - DoS/Privilege Escalation
Aug 24, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-12135 HIGH
Xen - Denial of Service via Transitive Grants
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12134 HIGH
Xen - Incorrect Block IO Merge Calculation Leading to Privilege Escalation
Aug 24, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-12855 MEDIUM
Xen 4.5-4.9 - Exposure of Sensitive Information via Grant Table Status Bits
Aug 15, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-10923 MEDIUM
Xen through 4.8.x - Denial of Service via Invalid vCPU Array Index in SGI Handling
Jul 05, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-10922 HIGH
Xen < 4.8.1 - Denial of Service via Grant-Table MMIO Region Grant References
Jul 05, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-10921 CRITICAL
Xen < 4.8.1 - Memory Corruption via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-10920 CRITICAL
Xen < 4.8.1 - Memory Corruption and Privilege Escalation via Grant-Table Mapping
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-10919 MEDIUM
Xen < 4.8.1 - Denial of Service via Virtual Interrupt Injection
Jul 05, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-10918 CRITICAL
Xen < 4.8.1 - Privilege Escalation via P2M Memory Allocation
Jul 05, 2017
CVSS 10.0
EPSS 0.04
CVE-2017-10917 CRITICAL
Xen < 4.8.1 - Denial of Service via Unvalidated Event Channel Port Numbers
Jul 05, 2017
CVSS 9.1
EPSS 0.03
CVE-2017-10916 HIGH
Xen through 4.8.x - Information Exposure via vCPU Context-Switch and MPX/PKU Interaction
Jul 05, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-10915 CRITICAL
Xen < 4.8.1 - Race Condition in Shadow-Paging Feature
Jul 05, 2017
CVSS 9.0
EPSS 0.02
CVE-2017-10914 HIGH
Xen < 4.8.1 - Race Condition in Grant-Table Feature
Jul 05, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-10913 CRITICAL
Xen < 4.8.1 - Information Disclosure and Privilege Escalation via Grant-Table Concurrent Unmap
Jul 05, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-10912 CRITICAL
Xen < 4.8.1 - Privilege Escalation via Page Transfer Mishandling
Jul 05, 2017
CVSS 10.0
EPSS 0.03
CVE-2017-8905 HIGH
Xen through 4.6.x - Arbitrary Code Execution via Failsafe Callback Mishandling
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-8904 HIGH
Xen through 4.8.x - Arbitrary Code Execution via GNTTABOP_transfer Mishandling
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-8903 HIGH
Xen through 4.8.x - Arbitrary Code Execution via IRET Hypercall
May 11, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-7995 LOW
Xen < 4.2.5 - Information Disclosure via MMIO Range Access Permission Check
May 03, 2017
CVSS 3.8
EPSS 0.00
CVE-2017-7228 HIGH
Xen 4.4.x-4.8.x - Improper Validation of Array Index in XENMEM_exchange
Apr 04, 2017
CVSS 8.2
EPSS 0.02
CVE-2016-9818 MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort Handling
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9817 MEDIUM
Xen through 4.7.x - Denial of Service via ARM Guest Abort Handling
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9816 MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort at EL2
Feb 27, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-9815 MEDIUM
Xen through 4.7.x - Denial of Service via Asynchronous Abort
Feb 27, 2017
CVSS 6.5
EPSS 0.00