Vulnerabilities > XEN > XEN > 4.12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-30 | CVE-2021-28692 | Improper Privilege Management vulnerability in XEN inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. | 5.6 |
| 2021-06-30 | CVE-2021-28693 | Unspecified vulnerability in XEN xen/arm: Boot modules are not scrubbed The bootloader will load boot modules (e.g. | 2.1 |
| 2021-06-29 | CVE-2021-28690 | Unspecified vulnerability in XEN x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. | 4.0 |
| 2021-06-11 | CVE-2021-28687 | Missing Initialization of Resource vulnerability in XEN HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. | 4.9 |
| 2021-06-11 | CVE-2021-28689 | Improper Cross-boundary Removal of Sensitive Data vulnerability in XEN x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. | 5.5 |
| 2021-02-17 | CVE-2021-26933 | An issue was discovered in Xen 4.9 through 4.14.x. | 5.5 |
| 2020-12-15 | CVE-2020-29486 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29485 | Memory Leak vulnerability in multiple products An issue was discovered in Xen 4.6 through 4.14.x. | 5.5 |
| 2020-12-15 | CVE-2020-29484 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29483 | Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |