Vulnerabilities > XEN > XEN > 4.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-22 | CVE-2020-27670 | Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. | 7.8 |
| 2020-09-23 | CVE-2020-25604 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 4.7 |
| 2020-09-23 | CVE-2020-25603 | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-09-23 | CVE-2020-25601 | An issue was discovered in Xen through 4.14.x. | 5.5 |
| 2020-09-23 | CVE-2020-25600 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 5.5 |
| 2020-09-23 | CVE-2020-25599 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.0 |
| 2020-09-23 | CVE-2020-25597 | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |
| 2020-09-23 | CVE-2020-25596 | Injection vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 5.5 |
| 2020-09-23 | CVE-2020-25595 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-07-20 | CVE-2020-15852 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. | 7.8 |