xen

511 tracked vulnerabilities.

CVE-2025-58144 HIGH
Xen 4.12.0-4.16.x - NULL Pointer Dereference in Page Mapping
Sep 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58143 CRITICAL
Xen 4.13.0-4.16.x - Race Condition in Viridian Reference TSC Page Mapping
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-58142 CRITICAL
Xen 4.13.0-4.16.x - NULL Pointer Dereference in Viridian Guest Memory Handling
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-27466 CRITICAL
Xen 4.13.0-4.16.x - NULL Pointer Dereference in Viridian Guest Memory Handling
Sep 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-1713 HIGH
Xen >=4.0.0 - Deadlock via Legacy PCI Device Interrupt Remapping
Jul 17, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-27465 MEDIUM
Xen >= 4.9.0 - Denial of Service via Exception Handling in Replayed Instruction Emulation
Jul 16, 2025
CVSS 4.3
EPSS 0.01
CVE-2024-31144 LOW
Xapi 1.249.0-1.249.36 - Unauthenticated Metadata Backup Manipulation via VDI UUID Sorting
Feb 14, 2025
CVSS 3.8
EPSS 0.00
CVE-2024-2201 MEDIUM
Linux Kernel < unknown - Info Disclosure
Dec 19, 2024
CVSS 4.7
EPSS 0.09
CVE-2024-45819 MEDIUM
Xen >= 4.8.0 - Information Exposure via Uninitialized Memory in PVH Guest ACPI Table Construction
Dec 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-45818 MEDIUM
Xen 4.6.0-4.19.x - Denial of Service via VGA Memory Access Deadlock
Dec 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45817 HIGH
Xen >= 4.5.0 - Denial of Service via APIC Error Interrupt Deadlock
Sep 25, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-31146 HIGH
Xen - Uncontrolled Resource Consumption via Shared Device Resources
Sep 25, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-31145 HIGH
Xen >=4.0.0 - Uncontrolled Resource Consumption in PCI Device Memory Mapping
Sep 25, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-31143 HIGH
Xen >=4.4.0 - Use-After-Free in PCI MSI Multiple Message Error Handling
Jul 18, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-31142 HIGH
Xen < 4.15.6 - Protection Mechanism Failure in XSA-407 and XSA-434 Mitigation
May 16, 2024
CVSS 7.5
EPSS 0.17
CVE-2024-2193 MEDIUM
CPU <Speculative Execution - Info Disclosure
Mar 15, 2024
CVSS 5.7
EPSS 0.01
CVE-2023-46842 MEDIUM
Xen >= 3.2.0 - Denial of Service via Hypercall Continuation Type Confusion
May 16, 2024
CVSS 6.5
EPSS 0.09
CVE-2023-46841 MEDIUM
Recent x86 CPUs - Info Disclosure
Mar 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-46840 MEDIUM
Xen >= 4.17 - Always-Incorrect Control Flow Implementation
Mar 20, 2024
CVSS 4.1
EPSS 0.00
CVE-2023-46839 MEDIUM
Xen - Unauthenticated PCI Device Assignment Flaw via Phantom Function Context Setup Failure
Mar 20, 2024
CVSS 5.3
EPSS 0.01
CVE-2023-46837 LOW
Xen < 4.16 - Memory Corruption via Cache Cleaning Helper Arithmetic Overflow
Jan 05, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-46836 MEDIUM
Xen - Branch Type Confusion and Speculative Return Stack Overflow via IRQ Race Condition
Jan 05, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-46835 MEDIUM
Quarantine Page Tables - Info Disclosure
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34328 MEDIUM
Xen 4.5.0-4.13.x - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34327 MEDIUM
Xen >=4.5.0 - Denial of Service via Debug State Handling
Jan 05, 2024
CVSS 5.5
EPSS 0.00