CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-8553

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 2.1

References

http://xenbits.xen.org/xsa/advisory-120.html
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497
http://xenbits.xen.org/xsa/advisory-120.html
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497

Products affected by CVE-2015-8553

Redhat » Enterprise Linux » Version: 5

cpe:2.3:o:redhat:enterprise_linux:5
Xen » Xen » Version: N/A

cpe:2.3:o:xen:xen:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8553

Products

Pricing

Contact Us