Software Detail
Xen
Number Of NVD: 431 (CRITICAL 12, HIGH 133, MEDIUM 238, LOW 48)
URL: https://xenproject.org/
Explanation: Since 2010, the Xen community has been developing and maintaining Xen as free software under the GPLv2 license. Xen is available for IA-32, x64, IA-64, and ARM architectures.

In a Xen system, the Xen hypervisor is the core software that runs at the lowest privilege level [2]. The Xen hypervisor hierarchy supports one or more guest operating systems and performs scheduling for the physical CPU. The first guest OS is referred to in Xen jargon as "domain 0" (dom0). It is, by default, automatically executed when the hypervisor boots, and has special administrative privileges and direct access to all physical hardware. The system administrator can log in to any additional guest OS through dom0. The management target at this time is called "domain U" (domU) in Xen jargon, where domain U means user domains.

Excerpt from [https://ja.wikipedia.org/wiki/Xen_(virtualization software)].


List Of Product
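| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support | Service Pack Support | Extended for a fee | Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 191 | Xen 4.19 | 4.19.0 | July 29, 2024 | July 29, 2024 | | | | | 0 | 1 | 0 | 0 |
| 192 | Xen 4.18 | 4.18.3 | Aug. 14, 2024 | Nov. 17, 2023 | | | | | 0 | 1 | 0 | 0 |
| 193 | Xen 4.17 | 4.17.5 | Aug. 14, 2024 | Dec. 14, 2022 | | | | | 0 | 4 | 3 | 1 |
| 194 | Xen 4.16 | 4.16.6 | March 27, 2024 | Dec. 2, 2021 | | | | | 0 | 3 | 5 | 2 |
| 195 | Xen 4.15 | 4.15.7 | May 3, 2024 | April 8, 2021 | | | | | 0 | 11 | 9 | 2 |
| 196 | Xen 4.9 | 4.9.4 | | | | | | | 3 | 55 | 66 | 3 |
| 197 | Xen 4.8 | 4.8.5 | | | | | | | 10 | 58 | 68 | 3 |
| 198 | Xen 4.7 | 4.7.6 | | | | | | | 12 | 57 | 73 | 4 |
| 199 | Xen 4.6 | 4.6.6 | | | | | | | 11 | 62 | 82 | 8 |
| 200 | Xen 4.5 | 4.5.5 | | | | | | | 11 | 67 | 87 | 16 |
| 201 | Xen 4.4 | 4.4.4 | | | | | | | 11 | 67 | 98 | 25 |
| 202 | Xen 4.3 | 4.3.4 | | | | | | | 11 | 68 | 99 | 23 |
| 203 | Xen 4.2 | 4.2.5 | | | | | | | 11 | 70 | 126 | 34 |
| 204 | Xen 4.14 | 4.14.3 | | | | | | | 0 | 21 | 30 | 3 |
| 205 | Xen 4.13 | 4.13.4 | | | | | | | 0 | 26 | 37 | 3 |
| 206 | Xen 4.12 | 4.12.4 | | | | | | | 1 | 30 | 46 | 3 |
| 207 | Xen 4.11 | 4.11.4 | | | | | | | 1 | 45 | 53 | 3 |
| 208 | Xen 4.10 | 4.10.4 | | | | | | | 2 | 43 | 57 | 3 |
| 209 | Xen 4.1 | 4.1.6.1 | | | | | | | 11 | 74 | 122 | 32 |
| 210 | Xen 4.0 | 4.0.4 | | | | | | | 11 | 64 | 104 | 28 |
| 211 | Xen 3.4 | 3.4.4 | | | | | | | 11 | 58 | 84 | 21 |
| 212 | Xen 3.3 | 3.3.2 | | | | | | | 11 | 53 | 82 | 18 |
| 213 | Xen 3.2 | 3.2.3 | | | | | | | 11 | 52 | 76 | 15 |
| 214 | Xen 3.1 | 3.1.4 | | | | | | | 11 | 44 | 71 | 10 |
| 215 | Xen 3.0 | 3.0.4 | | | | | | | 11 | 44 | 70 | 9 |
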
NVD Vulnerability Information
Columns: No, CVSS3, CVSS2, Level, Attack Vector, Title, CWE, CVE, cpe23Uri (or higher / or less / more than / less than), Update date, Published date

No: 191
CVSS3: 5.6
CVSS2: 4.7
Level: MEDIUM
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion …
CWE: CWE-20 Improper Input Validation
CVE: CVE-2017-17565
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:18
Published date: 2017-12-13

No: 192
CVSS3: 7.8
CVSS2: 6.9
Level: HIGH
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference count…
CWE: CWE-388 7PK - Errors
CVE: CVE-2017-17564
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:18
Published date: 2017-12-13

No: 193
CVSS3: 7.8
CVSS2: 6.9
Level: HIGH
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overfl…
CWE: CWE-119 Incorrect Access of Indexable Resource ('Range Error')
CVE: CVE-2017-17563
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:18
Published date: 2017-12-13

No: 194
CVSS3: 6.5
CVSS2: 2.1
Level: MEDIUM
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that…
CWE: CWE-200 Information Exposure
CVE: CVE-2017-17046
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:17
Published date: 2017-11-29

No: 195
CVSS3: 8.8
CVSS2: 7.2
Level: HIGH
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by lever…
CWE: CWE-416 Use After Free
CVE: CVE-2017-17045
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:17
Published date: 2017-11-29

No: 196
CVSS3: 6.5
CVSS2: 4.9
Level: MEDIUM
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.
CWE: CWE-754 Improper Check for Unusual or Exceptional Conditions; CWE-755 Improper Handling of Exceptional Conditions; CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE: CVE-2017-17044
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.1
Update date: 2024-11-21 12:17
Published date: 2017-11-29

No: 197
CVSS3: 9.1
CVSS2: 9.0
Level: CRITICAL
Attack Vector: Network
Title: An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not mat…
CWE: CWE-119 Incorrect Access of Indexable Resource ('Range Error'); CWE-200 Information Exposure
CVE: CVE-2017-15597
cpe23Uri: cpe:2.3:o:xen:xen:*:rc7 4.9.0
Update date: 2024-11-21 12:14
Published date: 2017-10-30

No: 198
CVSS3: 6.0
CVSS2: 4.9
Level: MEDIUM
Attack Vector: Local
Title: An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physma…
CWE: CWE-400 Uncontrolled Resource Consumption
CVE: CVE-2017-15596
cpe23Uri: cpe:2.3:o:xen:xen:4.9.0:rc9, cpe:2.3:o:xen:xen:4.9.0:rc8, cpe:2.3:o:xen:xen:4.9.0:rc7, cpe:2.3:o:xen:xen:4.9.0:rc…
Update date: 2024-11-21 12:14
Published date: 2017-10-18

No: 199
CVSS3: 8.8
CVSS2: 7.2
Level: HIGH
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via…
CWE: CWE-400 Uncontrolled Resource Consumption
CVE: CVE-2017-15595
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.0
Update date: 2024-11-21 12:14
Published date: 2017-10-18

No: 200
CVSS3: 8.8
CVSS2: 4.6
Level: HIGH
Attack Vector: Local
Title: An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotpl…
CWE: NVD-CWE-noinfo
CVE: CVE-2017-15594
cpe23Uri: cpe:2.3:o:xen:xen:*:* 4.9.0
Update date: 2024-11-21 12:14
Published date: 2017-10-18