Vulnerabilities > XEN > XEN > 4.6.0

DATE CVE VULNERABILITY TITLE RISK
2021-06-30 CVE-2021-28692 Improper Privilege Management vulnerability in XEN
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands.
local
low complexity
xen CWE-269
5.6
5.6
2021-02-18 CVE-2021-27379 An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges.
local
xen debian
5.9
5.9
2020-12-15 CVE-2020-29486 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-770
6.0
6.0
2020-12-15 CVE-2020-29485 Memory Leak vulnerability in multiple products
An issue was discovered in Xen 4.6 through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2020-12-15 CVE-2020-29484 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-476
6.0
6.0
2020-12-15 CVE-2020-29483 Use After Free vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-416
6.5
6.5
2020-12-15 CVE-2020-29482 Untrusted Search Path vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-426
6.0
6.0
2020-12-15 CVE-2020-29481 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-269
8.8
8.8
2020-12-15 CVE-2020-29480 Missing Authorization vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-862
2.3
2.3
2020-12-15 CVE-2020-29479 Missing Authorization vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-862
8.8
8.8