xen
511 tracked vulnerabilities.
CVE-2025-58144
HIGH
Xen 4.12.0-4.16.x - NULL Pointer Dereference in Page Mapping
Sep 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58143
CRITICAL
Xen 4.13.0-4.16.x - Race Condition in Viridian Reference TSC Page Mapping
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-58142
CRITICAL
Xen 4.13.0-4.16.x - NULL Pointer Dereference in Viridian Guest Memory Handling
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-27466
CRITICAL
Xen 4.13.0-4.16.x - NULL Pointer Dereference in Viridian Guest Memory Handling
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-1713
HIGH
Xen >=4.0.0 - Deadlock via Legacy PCI Device Interrupt Remapping
Jul 17, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-27465
MEDIUM
Xen >= 4.9.0 - Denial of Service via Exception Handling in Replayed Instruction Emulation
Jul 16, 2025
CVSS 4.3
EPSS 0.01
CVE-2024-31144
LOW
Xapi 1.249.0-1.249.36 - Unauthenticated Metadata Backup Manipulation via VDI UUID Sorting
Feb 14, 2025
CVSS 3.8
EPSS 0.00
CVE-2024-2201
MEDIUM
Linux Kernel < unknown - Info Disclosure
Dec 19, 2024
CVSS 4.7
EPSS 0.09
CVE-2024-45819
MEDIUM
Xen >= 4.8.0 - Information Exposure via Uninitialized Memory in PVH Guest ACPI Table Construction
Dec 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-45818
MEDIUM
Xen 4.6.0-4.19.x - Denial of Service via VGA Memory Access Deadlock
Dec 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45817
HIGH
Xen >= 4.5.0 - Denial of Service via APIC Error Interrupt Deadlock
Sep 25, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-31146
HIGH
Xen - Uncontrolled Resource Consumption via Shared Device Resources
Sep 25, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-31145
HIGH
Xen >=4.0.0 - Uncontrolled Resource Consumption in PCI Device Memory Mapping
Sep 25, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-31143
HIGH
Xen >=4.4.0 - Use-After-Free in PCI MSI Multiple Message Error Handling
Jul 18, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-31142
HIGH
Xen < 4.15.6 - Protection Mechanism Failure in XSA-407 and XSA-434 Mitigation
May 16, 2024
CVSS 7.5
EPSS 0.17
CVE-2024-2193
MEDIUM
CPU <Speculative Execution - Info Disclosure
Mar 15, 2024
CVSS 5.7
EPSS 0.01
CVE-2023-46842
MEDIUM
Xen >= 3.2.0 - Denial of Service via Hypercall Continuation Type Confusion
May 16, 2024
CVSS 6.5
EPSS 0.09
CVE-2023-46841
MEDIUM
Recent x86 CPUs - Info Disclosure
Mar 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-46840
MEDIUM
Xen >= 4.17 - Always-Incorrect Control Flow Implementation
Mar 20, 2024
CVSS 4.1
EPSS 0.00
CVE-2023-46839
MEDIUM
Xen - Unauthenticated PCI Device Assignment Flaw via Phantom Function Context Setup Failure
Mar 20, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-46837
LOW
Xen < 4.16 - Memory Corruption via Cache Cleaning Helper Arithmetic Overflow
Jan 05, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-46836
MEDIUM
Xen - Branch Type Confusion and Speculative Return Stack Overflow via IRQ Race Condition
Jan 05, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-46835
MEDIUM
Quarantine Page Tables - Info Disclosure
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34328
MEDIUM
Xen 4.5.0-4.13.x - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34327
MEDIUM
Xen >=4.5.0 - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00