Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Xen Number Of NVD 431 CRITICAL 12 HIGH 133 MEDIUM 238 LOW 48
URL https://xenproject.org/
Explanation Since 2010, the Xen community has been developing and maintaining Xen as free software under the GPLv2 license. Xen is available for IA-32, x64, IA-64, and ARM architectures. Xen is available for IA-32, x64, IA-64, and ARM architectures.

In a Xen system, the Xen hypervisor is the core software that runs at the lowest privilege level [2]. The Xen hypervisor hierarchy supports one or more guest operating systems and performs scheduling for the physical CPU. the physical CPU. The first guest OS is referred to in Xen jargon as "domain 0" (dom0). It is, by default, automatically executed when the hypervisor boots, and has special administrative privileges and direct access to all physical hardware. The system administrator can log in to any additional guest OS through dom0. The management target at this time is called "domain U" (domU) in Xen jargon, where domain U means user domains.

Excerpt from [https://ja.wikipedia.org/wiki/Xen_(virtualization software)].
Add Information URL
No Type Name URL
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
411 Xen 4.19 4.19.0 July 29, 2024 July 29, 2024 0 1 0 0
412 Xen 4.18 4.18.3 Aug. 14, 2024 Nov. 17, 2023 0 1 0 0
413 Xen 4.17 4.17.5 Aug. 14, 2024 Dec. 14, 2022 0 4 3 1
414 Xen 4.16 4.16.6 March 27, 2024 Dec. 2, 2021 0 3 5 2
415 Xen 4.15 4.15.7 May 3, 2024 April 8, 2021 0 11 9 2
416 Xen 4.9 4.9.4 3 55 66 3
417 Xen 4.8 4.8.5 10 58 68 3
418 Xen 4.7 4.7.6 12 57 73 4
419 Xen 4.6 4.6.6 11 62 82 8
420 Xen 4.5 4.5.5 11 67 87 16
421 Xen 4.4 4.4.4 11 67 98 25
422 Xen 4.3 4.3.4 11 68 99 23
423 Xen 4.2 4.2.5 11 70 126 34
424 Xen 4.14 4.14.3 0 21 30 3
425 Xen 4.13 4.13.4 0 26 37 3
426 Xen 4.12 4.12.4 1 30 46 3
427 Xen 4.11 4.11.4 1 45 53 3
428 Xen 4.10 4.10.4 2 43 57 3
429 Xen 4.1 4.1.6.1 11 74 122 32
430 Xen 4.0 4.0.4 11 64 104 28
431 Xen 3.4 3.4.4 11 58 84 21
432 Xen 3.3 3.3.2 11 53 82 18
433 Xen 3.2 3.2.3 11 52 76 15
434 Xen 3.1 3.1.4 11 44 71 10
435 Xen 3.0 3.0.4 11 44 70 9
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
411 -
6.9 		MEDIUM The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memor… CWE-20
 Improper Input Validation  		CVE-2012-6035 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
412 -
4.4 		MEDIUM The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check … CWE-20
 Improper Input Validation  		CVE-2012-6034 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
413 -
4.4 		MEDIUM The do_tmem_control function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly check privileges, which allows local guest OS users to access control stack operations via un… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6033 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
414 -
4.9 		MEDIUM Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh_copy_to_client functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial… CWE-189
Numeric Errors 		CVE-2012-6032 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
415 -
4.7 		MEDIUM The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related t… CWE-20
 Improper Input Validation  		CVE-2012-6031 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
416 -
7.2 		HIGH The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via… CWE-20
 Improper Input Validation  		CVE-2012-6030 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:45
2012-11-24 		Show GitHub Exploit DB Packet Storm
417 -
4.6 		MEDIUM The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-099… CWE-200
Information Exposure 		CVE-2012-4411 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:42
2012-11-24 		Show GitHub Exploit DB Packet Storm
418 -
6.9 		MEDIUM The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3516 cpe:2.3:o:xen:xen:4.2.0:* 2024-11-21 10:41
2012-11-24 		Show GitHub Exploit DB Packet Storm
419 -
7.2 		HIGH Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 seq… CWE-20
 Improper Input Validation  		CVE-2012-3515 cpe:2.3:o:xen:xen:4.1.0:*
cpe:2.3:o:xen:xen:4.0.0:* 		2024-11-21 10:41
2012-11-24 		Show GitHub Exploit DB Packet Storm
420 -
5.6 		MEDIUM PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory v… CWE-20
 Improper Input Validation  		CVE-2012-3498 cpe:2.3:o:xen:xen:4.2.0:*
cpe:2.3:o:xen:xen:4.1.0:* 		2024-11-21 10:41
2012-11-24 		Show GitHub Exploit DB Packet Storm