Vulnerabilities > XEN

DATE CVE VULNERABILITY TITLE RISK
2018-08-17 CVE-2018-15470 Resource Exhaustion vulnerability in XEN
An issue was discovered in Xen through 4.11.x.
local
low complexity
xen CWE-400
6.5
6.5
2018-08-17 CVE-2018-15469 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Xen through 4.11.x.
local
low complexity
xen debian CWE-400
6.5
6.5
2018-08-17 CVE-2018-15468 Incorrect Authorization vulnerability in XEN
An issue was discovered in Xen through 4.11.x.
local
low complexity
xen CWE-863
6.0
6.0
2018-07-28 CVE-2018-14678 Improper Initialization vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.
local
low complexity
linux xen debian canonical CWE-665
7.8
7.8
2018-07-27 CVE-2017-2620 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
 9.9
9.9
2018-07-03 CVE-2017-2615 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
 9.1
9.1
2018-07-02 CVE-2018-12893 An issue was discovered in Xen through 4.10.x.
local
low complexity
xen debian
6.5
6.5
2018-07-02 CVE-2018-12892 Information Exposure vulnerability in multiple products
An issue was discovered in Xen 4.7 through 4.10.x.
network
low complexity
debian xen CWE-200
critical
 9.9
9.9
2018-07-02 CVE-2018-12891 An issue was discovered in Xen through 4.10.x.
local
low complexity
debian xen
6.5
6.5
2018-05-10 CVE-2018-10982 An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
local
low complexity
xen debian
8.8
8.8