Vulnerabilities > XEN > XEN > 4.9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-17 | CVE-2018-15469 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.11.x. | 4.9 |
2018-08-17 | CVE-2018-15468 | Incorrect Authorization vulnerability in XEN An issue was discovered in Xen through 4.11.x. | 4.9 |
2018-07-28 | CVE-2018-14678 | Improper Initialization vulnerability in multiple products An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. | 7.8 |
2018-07-02 | CVE-2018-12892 | Information Exposure vulnerability in multiple products An issue was discovered in Xen 4.7 through 4.10.x. | 6.5 |
2018-07-02 | CVE-2018-12891 | An issue was discovered in Xen through 4.10.x. | 4.9 |
2018-05-10 | CVE-2018-10981 | Infinite Loop vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request. | 4.9 |
2018-04-27 | CVE-2018-10471 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754. | 4.9 |
2018-02-27 | CVE-2018-7542 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC. | 4.9 |
2018-02-27 | CVE-2018-7541 | An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. | 6.1 |
2018-02-27 | CVE-2018-7540 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | 4.9 |