xen

496 tracked vulnerabilities.

CVE-2020-29479 HIGH
Xen < 4.14.0 - Unauthenticated Missing Authorization in Ocaml xenstored
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29571 MEDIUM
Xen 4.4.0-4.14.x - Denial of Service via FIFO Event Channel NULL Pointer Dereference
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29570 MEDIUM
Xen 4.4.0-4.13.x - Denial of Service via Per-vCPU Control Block Mapping
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29569 HIGH
Linux kernel <5.10.1 - Use After Free
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29568 MEDIUM
Xen < 4.14.1 - Denial of Service via Unbounded Watch Event Queue
Dec 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-29567 MEDIUM
Xen < 4.14.0 - Denial of Service via IRQ Vector De-allocation
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29566 MEDIUM
Xen < 4.14.0 - Denial of Service via Recursive De-Schedule/Re-Schedule
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-29040 HIGH
Xen < 4.14.0 - Off-by-one Error in x86 HVM Guest Handling
Nov 24, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-28368 MEDIUM
Xen < 4.14.0 - Unauthenticated Sensitive Information Disclosure via Power Monitoring Side-Channel
Nov 10, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-27674 MEDIUM
Xen < 4.14.0 - Unauthenticated Out-of-bounds Write via TLB Invalidation Mishandling
Oct 22, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-27673 MEDIUM
Xen < 4.14.0 - Denial of Service via High Event Rate to dom0
Oct 22, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-27672 HIGH
Xen 3.2.0-4.14.x - Use-After-Free via Superpage Race Condition
Oct 22, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-27671 HIGH
Xen 4.2.0-4.14.x - Denial of Service and Privilege Escalation via IOMMU TLB Flush Mishandling
Oct 22, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-27670 HIGH
Xen <4.14.x - DoS/Privilege Escalation
Oct 22, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-25604 MEDIUM
Xen < 4.14.0 - Denial of Service via Timer Migration Race Condition
Sep 23, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-25603 HIGH
Xen < 4.14.0 - Denial of Service via Missing Memory Barriers in Event Channel Access
Sep 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-25602 MEDIUM
Xen 4.11.0-4.13.x - Denial of Service via MSR_MISC_ENABLE MSR Access
Sep 23, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-25601 MEDIUM
Xen < 4.14.0 - Denial of Service via Event Channel Reset
Sep 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-25600 MEDIUM
Xen 4.4.0-4.13.x - Out-of-bounds Write via Event Channel Allocation
Sep 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-25599 HIGH
Xen 4.5-4.14.x - Denial of Service and Privilege Escalation via evtchn_reset Race Condition
Sep 23, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-25598 MEDIUM
Xen 4.12.0-4.13.9 - Denial of Service via RCU Reference Leak in XENMEM_acquire_resource
Sep 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-25597 MEDIUM
Xen 4.4.0-4.13.x - Denial of Service via Event Channel Reset
Sep 23, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-25596 MEDIUM
Xen 3.2.0-4.14.x - Denial of Service via SYSENTER Instruction Handling
Sep 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-25595 HIGH
Xen < 4.14.0 - Denial of Service via PCI Passthrough Register Handling
Sep 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-15852 HIGH
Linux Kernel 5.5-5.7.9 - Incorrect Default Permissions via TSS I/O Bitmap Mishandling
Jul 20, 2020
CVSS 7.8
EPSS 0.00
Products
xen 490 Xen 6 xapi 3 qemu 1 xen-unstable 1 xen_flask_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV