xen

496 tracked vulnerabilities.

CVE-2021-28699 MEDIUM
inadequate grant-v2 status frames array bounds check - Info Disclosure
Aug 27, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28698 MEDIUM
Xen >= 3.2.0 - Denial of Service via Grant Table Handling Infinite Loop
Aug 27, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28697 HIGH
Xen 4.0.0-4.14.x - Race Condition in Grant Table v2 Status Page De-allocation
Aug 27, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-28696 MEDIUM
Xen - Incorrect Authorization in IOMMU Page Mapping
Aug 27, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-28695 MEDIUM
IOMMU page mapping issues on x86 - Info Disclosure
Aug 27, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-28694 MEDIUM
IOMMU page mapping issues on x86 - Info Disclosure
Aug 27, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-28693 MEDIUM
Xen 4.12.0-4.14.99 - Unprotected User Data Exposure via Boot Module Scrubbing Failure
Jun 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28692 HIGH
Xen >=3.2.0 - Improper Privilege Management in IOMMU Timeout Handling
Jun 30, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-28690 MEDIUM
Xen 4.12-4.14 - TSX Async Abort Protections Not Restored After S3
Jun 29, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-28689 MEDIUM
Xen < 4.12.0 - Information Disclosure via Speculative Execution in 32-bit PV Guests
Jun 11, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28687 MEDIUM
Xen 4.12-4.14.99 - Denial of Service via Uninitialized libxl__domain_suspend_state
Jun 11, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-26314 MEDIUM
Xen - Observable Timing Discrepancy via Floating Point Value Injection
Jun 09, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-26313 MEDIUM
Xen - Observable Timing Discrepancy via Speculative Code Store Bypass
Jun 09, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28039 MEDIUM
Linux Kernel 5.9.0-5.11.3 - Denial of Service via Guest Physical Address Misuse
Mar 05, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-27379 HIGH
Xen 3.2.0-4.11.x - Unintended DMA Access via IOMMU Update Mismanagement
Feb 18, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-26933 MEDIUM
Xen 4.9-4.14.x - Information Exposure via Cache Bypass Timing
Feb 17, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3308 MEDIUM
Xen 4.12.3-4.12.4 4.13.1-4.14.x - Denial of Service via PCI Passthrough IDT Vector Exhaustion
Jan 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-29487 HIGH
Xen XAPI <2020-12-15 - Info Disclosure
Dec 15, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-29486 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Node Ownership Quota Manipulation
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29485 MEDIUM
Xen 4.6-4.14.x - Denial of Service via XS_RESET_WATCHES Memory Leak
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-29484 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Watch Payload Length Overflow
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29483 MEDIUM
Xen < 4.14.0 - Use-After-Free in Xenstored via Guest Protocol Violation
Dec 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-29482 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Path Length Limit Bypass
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29481 HIGH
Xen < 4.14.0 - Improper Privilege Management via Xenstore Node Access Rights
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29480 LOW
Xen < 4.14.0 - Missing Authorization in Xenstore Watch Events
Dec 15, 2020
CVSS 2.3
EPSS 0.00
Products
xen 490 Xen 6 xapi 3 qemu 1 xen-unstable 1 xen_flask_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV