Vulnerabilities > XEN > XEN > 4.9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-27 | CVE-2021-28697 | Race Condition vulnerability in multiple products grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. | 7.8 |
| 2021-08-27 | CVE-2021-28698 | Infinite Loop vulnerability in multiple products long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. | 5.5 |
| 2021-06-30 | CVE-2021-28692 | Improper Privilege Management vulnerability in XEN inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. | 5.6 |
| 2021-02-17 | CVE-2021-26933 | An issue was discovered in Xen 4.9 through 4.14.x. | 5.5 |
| 2020-12-15 | CVE-2020-29486 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29485 | Memory Leak vulnerability in multiple products An issue was discovered in Xen 4.6 through 4.14.x. | 5.5 |
| 2020-12-15 | CVE-2020-29484 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29483 | Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |
| 2020-12-15 | CVE-2020-29482 | Untrusted Search Path vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29481 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |