Vulnerabilities > XEN > XEN > 3.4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-29479 | Missing Authorization vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-29569 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-29568 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 4.9 |
| 2020-11-24 | CVE-2020-29040 | Off-by-one Error vulnerability in XEN An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. | 4.6 |
| 2020-11-10 | CVE-2020-28368 | Missing Authorization vulnerability in multiple products Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. | 4.4 |
| 2020-10-22 | CVE-2020-27673 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. | 5.5 |
| 2020-09-23 | CVE-2020-25604 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 4.7 |
| 2020-09-23 | CVE-2020-25603 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-09-23 | CVE-2020-25601 | An issue was discovered in Xen through 4.14.x. | 5.5 |
| 2020-09-23 | CVE-2020-25596 | Injection vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 5.5 |