Every CVE whose affected-product data names Xhyve Project Xhyve, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-36660 — CVSS 9.8 (critical): xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify().
CVE-2022-35867 — CVSS 6.7 (medium): This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the…
CVE-2022-36659 — CVSS 6.5 (medium): xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_write(). This vulnerability allows…
CVE-2022-36661 — CVSS 6.5 (medium): xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_read(). This vulnerability allows…