xen
511 tracked vulnerabilities.
CVE-2023-34326
HIGH
Xen - Use-After-Free via Stale DMA Mappings
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34325
HIGH
Xen - Out-of-bounds Write in libfsimage
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34324
MEDIUM
Linux Kernel < 5.10 - Deadlock via Event Channel Closure
Jan 05, 2024
CVSS 4.9
EPSS 0.01
CVE-2023-34323
MEDIUM
Xen < 4.17.0 - Denial of Service via Quota Assertion Failure
Jan 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34322
HIGH
xen 3.2.0-4.14.0 - Improper Check for Dropped Privileges in Shadow Paging Mode
Jan 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-34321
LOW
Xen < 4.16 - Memory Corruption via Cache Helper Arithmetic Overflow
Jan 05, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-34320
MEDIUM
ARM Cortex-A77 Firmware - Denial of Service via Improper Locking in PAR_EL1 Register Handling
Dec 08, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4949
HIGH
GRUB < 0.97 - Memory Corruption via XFS File System Implementation
Nov 10, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-34319
HIGH
Xen >=3.2.0 and Linux Kernel 4.9.336-4.10 - Out-of-bounds Write in Netback Driver
Sep 22, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-20588
MEDIUM
Debian Linux < 10.0.10240.20345 - Divide By Zero
Aug 08, 2023
CVSS 5.5
EPSS 0.12
CVE-2023-20593
MEDIUM
Xen - Information Disclosure via Zen 2 CPU Microarchitectural Side Channel
Jul 24, 2023
CVSS 5.5
EPSS 0.06
CVE-2022-40982
MEDIUM
Intel(R) Processors - Info Disclosure
Aug 11, 2023
CVSS 6.5
EPSS 0.04
CVE-2022-4949
HIGH
AdSanity < 1.8.2 - Authenticated Arbitrary File Upload via ajax_upload Function
Jun 07, 2023
CVSS 8.8
EPSS 0.02
CVE-2022-42336
LOW
Mishandling of guest SSBD selection on AMD - Info Disclosure
May 17, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-42335
HIGH
Xen - Unauthenticated Arbitrary Pointer Dereference in Shadow Paging
Apr 25, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42334
MEDIUM
xen 4.11.0-4.16.x - Unbounded Resource Allocation in HVM Pinned Cache Attributes
Mar 21, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-42333
HIGH
Xen 4.11.0-4.16.x - Denial of Service via HVM Pinned Cache Attributes
Mar 21, 2023
CVSS 8.6
EPSS 0.01
CVE-2022-42332
HIGH
Xen >= 3.2.0 - Use-After-Free in Shadow Mode Log-Dirty Tracking
Mar 21, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-42331
MEDIUM
Xen 4.5.0-4.16.x - Speculative Execution Vulnerability in 32-bit SYSCALL Path
Mar 21, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-42330
HIGH
Xen - Denial of Service via XS_RELEASE Xenstore Operation
Jan 26, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-23824
MEDIUM
Xen - Information Disclosure via IBPB Branch Prediction
Nov 09, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-42327
HIGH
Xen - Unintended Memory Sharing Between Guests via xAPIC Page Access
Nov 01, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-42326
MEDIUM
Xen >=4.9.0 - Use-After-Free in Xenstore Node Transaction Handling
Nov 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-42325
MEDIUM
Xen >= 4.9.0 - Use-After-Free in Xenstore Node Transaction Handling
Nov 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-42324
MEDIUM
Xen - Denial of Service via Oxenstored 32->31 Bit Integer Truncation
Nov 01, 2022
CVSS 5.5
EPSS 0.00