Software Detail
Xen: Number Of NVD 431 (CRITICAL 12, HIGH 133, MEDIUM 238, LOW 48)
URL: https://xenproject.org/
Explanation: Since 2010, the Xen community has been developing and maintaining Xen as free software under the GPLv2 license. Xen is available for IA-32, x64, IA-64, and ARM architectures.

In a Xen system, the Xen hypervisor is the core software that runs at the lowest privilege level [2]. The Xen hypervisor hierarchy supports one or more guest operating systems and performs scheduling for the physical CPU. The first guest OS is referred to in Xen jargon as "domain 0" (dom0). It is, by default, automatically executed when the hypervisor boots, and has special administrative privileges and direct access to all physical hardware. The system administrator can log in to any additional guest OS through dom0. The management target at this time is called "domain U" (domU) in Xen jargon, where domain U means user domains.

Excerpt from [https://ja.wikipedia.org/wiki/Xen_(virtualization software)].

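List Of Product

| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support | Service Pack Support | Extended for a fee | Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 131 | Xen 4.19 | 4.19.0 | July 29, 2024 | July 29, 2024 | | | | | 0 | 1 | 0 | 0 |
| 132 | Xen 4.18 | 4.18.3 | Aug. 14, 2024 | Nov. 17, 2023 | | | | | 0 | 1 | 0 | 0 |
| 133 | Xen 4.17 | 4.17.5 | Aug. 14, 2024 | Dec. 14, 2022 | | | | | 0 | 4 | 3 | 1 |
| 134 | Xen 4.16 | 4.16.6 | March 27, 2024 | Dec. 2, 2021 | | | | | 0 | 3 | 5 | 2 |
| 135 | Xen 4.15 | 4.15.7 | May 3, 2024 | April 8, 2021 | | | | | 0 | 11 | 9 | 2 |
| 136 | Xen 4.9 | 4.9.4 | | | | | | | 3 | 55 | 66 | 3 |
| 137 | Xen 4.8 | 4.8.5 | | | | | | | 10 | 58 | 68 | 3 |
| 138 | Xen 4.7 | 4.7.6 | | | | | | | 12 | 57 | 73 | 4 |
| 139 | Xen 4.6 | 4.6.6 | | | | | | | 11 | 62 | 82 | 8 |
| 140 | Xen 4.5 | 4.5.5 | | | | | | | 11 | 67 | 87 | 16 |
| 141 | Xen 4.4 | 4.4.4 | | | | | | | 11 | 67 | 98 | 25 |
| 142 | Xen 4.3 | 4.3.4 | | | | | | | 11 | 68 | 99 | 23 |
| 143 | Xen 4.2 | 4.2.5 | | | | | | | 11 | 70 | 126 | 34 |
| 144 | Xen 4.14 | 4.14.3 | | | | | | | 0 | 21 | 30 | 3 |
| 145 | Xen 4.13 | 4.13.4 | | | | | | | 0 | 26 | 37 | 3 |
| 146 | Xen 4.12 | 4.12.4 | | | | | | | 1 | 30 | 46 | 3 |
| 147 | Xen 4.11 | 4.11.4 | | | | | | | 1 | 45 | 53 | 3 |
| 148 | Xen 4.10 | 4.10.4 | | | | | | | 2 | 43 | 57 | 3 |
| 149 | Xen 4.1 | 4.1.6.1 | | | | | | | 11 | 74 | 122 | 32 |
| 150 | Xen 4.0 | 4.0.4 | | | | | | | 11 | 64 | 104 | 28 |
| 151 | Xen 3.4 | 3.4.4 | | | | | | | 11 | 58 | 84 | 21 |
| 152 | Xen 3.3 | 3.3.2 | | | | | | | 11 | 53 | 82 | 18 |
| 153 | Xen 3.2 | 3.2.3 | | | | | | | 11 | 52 | 76 | 15 |
| 154 | Xen 3.1 | 3.1.4 | | | | | | | 11 | 44 | 71 | 10 |
| 155 | Xen 3.0 | 3.0.4 | | | | | | | 11 | 44 | 70 | 9 |
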
NVD Vulnerability Information
Fields: No, CVSS3, CVSS2, Level, Attack Vector, Title, CWE, CVE, cpe23Uri (with version bounds: or higher, or less, more than, less than), Update date, Published date

131. CVE-2020-15563 (MEDIUM; CVSS3 6.5, CVSS2 4.7; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests…
CWE: CWE-119 Incorrect Access of Indexable Resource ('Range Error')
cpe23Uri: cpe:2.3:o:xen:xen:*:*
Version bounds: 4.8.0 4.13.1
Update date: 2024-11-21 14:05
Published date: 2020-07-7

132. CVE-2020-11740 (MEDIUM; CVSS3 5.5, CVSS2 2.1; Attack Vector: Local)
Title: An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to ma…
CWE: CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer
cpe23Uri: cpe:2.3:o:xen:xen:4.13.0:rc2, cpe:2.3:o:xen:xen:4.13.0:rc1, cpe:2.3:o:xen:xen:*:*
Version bounds: 3.2.0 4.13.0
Update date: 2024-11-21 13:58
Published date: 2020-04-14

133. CVE-2020-11743 (MEDIUM; CVSS3 5.5, CVSS2 2.1; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 …
CWE: CWE-755 Improper Handling of Exceptional Conditions
cpe23Uri: cpe:2.3:o:xen:xen:4.13.0:rc2, cpe:2.3:o:xen:xen:4.13.0:rc1, cpe:2.3:o:xen:xen:*:*
Version bounds: 4.13.0
Update date: 2024-11-21 13:58
Published date: 2020-04-14

134. CVE-2020-11742 (MEDIUM; CVSS3 5.5, CVSS2 2.1; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to retur…
CWE: NVD-CWE-Other
cpe23Uri: cpe:2.3:o:xen:xen:4.13.0:rc2, cpe:2.3:o:xen:xen:4.13.0:rc1, cpe:2.3:o:xen:xen:*:*
Version bounds: 4.13.0
Update date: 2024-11-21 13:58
Published date: 2020-04-14

135. CVE-2020-11741 (HIGH; CVSS3 8.8, CVSS2 6.9; Attack Vector: Local)
Title: An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly g…
CWE: CWE-909 Missing Initialization of Resource
cpe23Uri: cpe:2.3:o:xen:xen:4.13.0:rc2, cpe:2.3:o:xen:xen:4.13.0:rc1, cpe:2.3:o:xen:xen:*:*
Version bounds: 4.13.0
Update date: 2024-11-21 13:58
Published date: 2020-04-14

136. CVE-2020-11739 (HIGH; CVSS3 7.8, CVSS2 6.9; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read…
CWE: CWE-362 Race Condition
cpe23Uri: cpe:2.3:o:xen:xen:4.13.0:rc2, cpe:2.3:o:xen:xen:4.13.0:rc1, cpe:2.3:o:xen:xen:*:*
Version bounds: 4.13.0
Update date: 2024-11-21 13:58
Published date: 2020-04-14

137. CVE-2015-6815 (LOW; CVSS3 3.5, CVSS2 2.7; Attack Vector: Adjacent)
Title: The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of ser…
CWE: CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
cpe23Uri: cpe:2.3:o:xen:xen:4.5.1:*, cpe:2.3:o:xen:xen:4.4.3:*
Update date: 2024-11-21 11:35
Published date: 2020-02-1

138. CVE-2019-19583 (HIGH; CVSS3 7.5, CVSS2 5.0; Attack Vector: Network)
Title: An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260…
CWE: NVD-CWE-noinfo
cpe23Uri: cpe:2.3:o:xen:xen:*:*
Version bounds: 4.8.0 4.12.1
Update date: 2024-11-21 13:34
Published date: 2019-12-12

139. CVE-2019-19582 (MEDIUM; CVSS3 6.5, CVSS2 2.1; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are b…
CWE: CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
cpe23Uri: cpe:2.3:o:xen:xen:*:*
Version bounds: 4.8.0 4.12.1
Update date: 2024-11-21 13:34
Published date: 2019-12-12

140. CVE-2019-19581 (MEDIUM; CVSS3 6.5, CVSS2 2.1; Attack Vector: Local)
Title: An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places…
CWE: CWE-119 Incorrect Access of Indexable Resource ('Range Error')
cpe23Uri: cpe:2.3:o:xen:xen:*:*
Version bounds: 4.8.0 4.12.1
Update date: 2024-11-21 13:34
Published date: 2019-12-12