xen

496 tracked vulnerabilities.

CVE-2024-2193 MEDIUM
CPU <Speculative Execution - Info Disclosure
Mar 15, 2024
CVSS 5.7
EPSS 0.01
CVE-2023-46842 MEDIUM
Xen >= 3.2.0 - Denial of Service via Hypercall Continuation Type Confusion
May 16, 2024
CVSS 6.5
EPSS 0.02
CVE-2023-46841 MEDIUM
Recent x86 CPUs - Info Disclosure
Mar 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-46840 MEDIUM
Xen >= 4.17 - Always-Incorrect Control Flow Implementation
Mar 20, 2024
CVSS 4.1
EPSS 0.00
CVE-2023-46839 MEDIUM
Xen - Unauthenticated PCI Device Assignment Flaw via Phantom Function Context Setup Failure
Mar 20, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-46837 LOW
Xen < 4.16 - Memory Corruption via Cache Cleaning Helper Arithmetic Overflow
Jan 05, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-46836 MEDIUM
Xen - Branch Type Confusion and Speculative Return Stack Overflow via IRQ Race Condition
Jan 05, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-46835 MEDIUM
Quarantine Page Tables - Info Disclosure
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34328 MEDIUM
Xen 4.5.0-4.13.x - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34327 MEDIUM
Xen >=4.5.0 - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34326 HIGH
Xen - Use-After-Free via Stale DMA Mappings
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34325 HIGH
Xen - Out-of-bounds Write in libfsimage
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34324 MEDIUM
Linux Kernel < 5.10 - Deadlock via Event Channel Closure
Jan 05, 2024
CVSS 4.9
EPSS 0.00
CVE-2023-34323 MEDIUM
Xen < 4.17.0 - Denial of Service via Quota Assertion Failure
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34322 HIGH
xen 3.2.0-4.14.0 - Improper Check for Dropped Privileges in Shadow Paging Mode
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34321 LOW
Xen < 4.16 - Memory Corruption via Cache Helper Arithmetic Overflow
Jan 05, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-34320 MEDIUM
ARM Cortex-A77 Firmware - Denial of Service via Improper Locking in PAR_EL1 Register Handling
Dec 08, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4949 HIGH
GRUB < 0.97 - Memory Corruption via XFS File System Implementation
Nov 10, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-34319 HIGH
Xen >=3.2.0 and Linux Kernel 4.9.336-4.10 - Out-of-bounds Write in Netback Driver
Sep 22, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-20588 MEDIUM
Debian Linux < 10.0.10240.20345 - Divide By Zero
Aug 08, 2023
CVSS 5.5
EPSS 0.07
CVE-2023-20593 MEDIUM
Xen - Information Disclosure via Zen 2 CPU Microarchitectural Side Channel
Jul 24, 2023
CVSS 5.5
EPSS 0.08
CVE-2022-40982 MEDIUM
Intel(R) Processors - Info Disclosure
Aug 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-4949 HIGH
AdSanity < 1.8.2 - Authenticated Arbitrary File Upload via ajax_upload Function
Jun 07, 2023
CVSS 8.8
EPSS 0.09
CVE-2022-42336 LOW
Mishandling of guest SSBD selection on AMD - Info Disclosure
May 17, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-42335 HIGH
Xen - Unauthenticated Arbitrary Pointer Dereference in Shadow Paging
Apr 25, 2023
CVSS 7.8
EPSS 0.00
Products
xen 490 Xen 6 xapi 3 qemu 1 xen-unstable 1 xen_flask_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV