xen

511 tracked vulnerabilities.

CVE-2021-28687 MEDIUM
Xen 4.12-4.14.99 - Denial of Service via Uninitialized libxl__domain_suspend_state
Jun 11, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-26314 MEDIUM
Xen - Observable Timing Discrepancy via Floating Point Value Injection
Jun 09, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-26313 MEDIUM
Xen - Observable Timing Discrepancy via Speculative Code Store Bypass
Jun 09, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28039 MEDIUM
Linux Kernel 5.9.0-5.11.3 - Denial of Service via Guest Physical Address Misuse
Mar 05, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-27379 HIGH
Xen 3.2.0-4.11.x - Unintended DMA Access via IOMMU Update Mismanagement
Feb 18, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-26933 MEDIUM
Xen 4.9-4.14.x - Information Exposure via Cache Bypass Timing
Feb 17, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3308 MEDIUM
Xen 4.12.3-4.12.4 4.13.1-4.14.x - Denial of Service via PCI Passthrough IDT Vector Exhaustion
Jan 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-29487 HIGH
Xen XAPI <2020-12-15 - Info Disclosure
Dec 15, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-29486 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Node Ownership Quota Manipulation
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29485 MEDIUM
Xen 4.6-4.14.x - Denial of Service via XS_RESET_WATCHES Memory Leak
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-29484 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Watch Payload Length Overflow
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29483 MEDIUM
Xen < 4.14.0 - Use-After-Free in Xenstored via Guest Protocol Violation
Dec 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-29482 MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Path Length Limit Bypass
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29481 HIGH
Xen < 4.14.0 - Improper Privilege Management via Xenstore Node Access Rights
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29480 LOW
Xen < 4.14.0 - Missing Authorization in Xenstore Watch Events
Dec 15, 2020
CVSS 2.3
EPSS 0.00
CVE-2020-29479 HIGH
Xen < 4.14.0 - Unauthenticated Missing Authorization in Ocaml xenstored
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29571 MEDIUM
Xen 4.4.0-4.14.x - Denial of Service via FIFO Event Channel NULL Pointer Dereference
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29570 MEDIUM
Xen 4.4.0-4.13.x - Denial of Service via Per-vCPU Control Block Mapping
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29569 HIGH
Linux kernel <5.10.1 - Use After Free
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29568 MEDIUM
Xen < 4.14.1 - Denial of Service via Unbounded Watch Event Queue
Dec 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-29567 MEDIUM
Xen < 4.14.0 - Denial of Service via IRQ Vector De-allocation
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29566 MEDIUM
Xen < 4.14.0 - Denial of Service via Recursive De-Schedule/Re-Schedule
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-29040 HIGH
Xen < 4.14.0 - Off-by-one Error in x86 HVM Guest Handling
Nov 24, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-28368 MEDIUM
Xen < 4.14.0 - Unauthenticated Sensitive Information Disclosure via Power Monitoring Side-Channel
Nov 10, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-27674 MEDIUM
Xen < 4.14.0 - Unauthenticated Out-of-bounds Write via TLB Invalidation Mishandling
Oct 22, 2020
CVSS 5.3
EPSS 0.00