Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-3761

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-21 Aug, 2008 | 17:00
Updated At-07 Aug, 2024 | 09:53
Rejected At-
Credits

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:21 Aug, 2008 | 17:00
Updated At:07 Aug, 2024 | 09:53
Rejected At:
▼CVE Numbering Authority (CNA)

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
vdb-entry
x_refsource_XF
http://securityreason.com/securityalert/4177
third-party-advisory
x_refsource_SREASON
http://seclists.org/fulldisclosure/2009/Apr/0036.html
mailing-list
x_refsource_FULLDISC
http://www.securityfocus.com/bid/30737
vdb-entry
x_refsource_BID
http://www.securityfocus.com/bid/34373
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id?1020715
vdb-entry
x_refsource_SECTRACK
http://www.orange-bat.com/adv/2008/adv.08.17.txt
x_refsource_MISC
http://www.vupen.com/english/advisories/2009/0944
vdb-entry
x_refsource_VUPEN
http://lists.vmware.com/pipermail/security-announce/2009/000054.html
mailing-list
x_refsource_MLIST
http://www.vmware.com/security/advisories/VMSA-2009-0005.html
x_refsource_CONFIRM
https://www.exploit-db.com/exploits/6262
exploit
x_refsource_EXPLOIT-DB
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://securityreason.com/securityalert/4177
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://seclists.org/fulldisclosure/2009/Apr/0036.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.securityfocus.com/bid/30737
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/bid/34373
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id?1020715
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.orange-bat.com/adv/2008/adv.08.17.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.vupen.com/english/advisories/2009/0944
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://lists.vmware.com/pipermail/security-announce/2009/000054.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2009-0005.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.exploit-db.com/exploits/6262
Resource:
exploit
x_refsource_EXPLOIT-DB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
vdb-entry
x_refsource_XF
x_transferred
http://securityreason.com/securityalert/4177
third-party-advisory
x_refsource_SREASON
x_transferred
http://seclists.org/fulldisclosure/2009/Apr/0036.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.securityfocus.com/bid/30737
vdb-entry
x_refsource_BID
x_transferred
http://www.securityfocus.com/bid/34373
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id?1020715
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.orange-bat.com/adv/2008/adv.08.17.txt
x_refsource_MISC
x_transferred
http://www.vupen.com/english/advisories/2009/0944
vdb-entry
x_refsource_VUPEN
x_transferred
http://lists.vmware.com/pipermail/security-announce/2009/000054.html
mailing-list
x_refsource_MLIST
x_transferred
http://www.vmware.com/security/advisories/VMSA-2009-0005.html
x_refsource_CONFIRM
x_transferred
https://www.exploit-db.com/exploits/6262
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://securityreason.com/securityalert/4177
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2009/Apr/0036.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/30737
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/bid/34373
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id?1020715
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.orange-bat.com/adv/2008/adv.08.17.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2009/0944
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://lists.vmware.com/pipermail/security-announce/2009/000054.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2009-0005.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/6262
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:21 Aug, 2008 | 17:41
Updated At:29 Sep, 2017 | 01:31

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
VMware (Broadcom Inc.)
vmware
>>vmware_workstation>>6.0.0.45731
cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.vmware.com/pipermail/security-announce/2009/000054.htmlcve@mitre.org
N/A
http://seclists.org/fulldisclosure/2009/Apr/0036.htmlcve@mitre.org
N/A
http://securityreason.com/securityalert/4177cve@mitre.org
N/A
http://www.orange-bat.com/adv/2008/adv.08.17.txtcve@mitre.org
N/A
http://www.securityfocus.com/bid/30737cve@mitre.org
N/A
http://www.securityfocus.com/bid/34373cve@mitre.org
N/A
http://www.securitytracker.com/id?1020715cve@mitre.org
N/A
http://www.vmware.com/security/advisories/VMSA-2009-0005.htmlcve@mitre.org
N/A
http://www.vupen.com/english/advisories/2009/0944cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/44539cve@mitre.org
N/A
https://www.exploit-db.com/exploits/6262cve@mitre.org
N/A
Hyperlink: http://lists.vmware.com/pipermail/security-announce/2009/000054.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2009/Apr/0036.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/4177
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.orange-bat.com/adv/2008/adv.08.17.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/30737
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/34373
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1020715
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2009-0005.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2009/0944
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44539
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/6262
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

179Records found
CVE-2017-10674
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.17%
||
7 Day CHG~0.00%
Published-30 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl call.

Action-Not Available
Vendor-antiyn/a
Product-antivirus_enginen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26321
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-16 Nov, 2021 | 18:07
Updated-16 Sep, 2024 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7371_firmwareepyc_7443_firmwareepyc_7402pepyc_7451epyc_7261epyc_7282_firmwareepyc_7343epyc_7252_firmwareepyc_7543_firmwareepyc_7f32epyc_7542_firmwareepyc_7551_firmwareepyc_7763_firmwareepyc_7272_firmwareepyc_7713pepyc_7443epyc_7513epyc_7313p_firmwareepyc_7252epyc_7502pepyc_7232p_firmwareepyc_7702epyc_7351p_firmwareepyc_7302p_firmwareepyc_7453epyc_7642_firmwareepyc_7h12epyc_7452epyc_7513_firmwareepyc_7543p_firmwareepyc_7542epyc_7281_firmwareepyc_7413_firmwareepyc_7h12_firmwareepyc_7601epyc_7302epyc_7232pepyc_7643_firmwareepyc_7f52epyc_7663epyc_7552_firmwareepyc_75f3epyc_7371epyc_72f3_firmwareepyc_7f72epyc_7f32_firmwareepyc_7662epyc_7f72_firmwareepyc_7662_firmwareepyc_7502epyc_75f3_firmwareepyc_7642epyc_7451_firmwareepyc_7343_firmwareepyc_7532_firmwareepyc_7551epyc_7281epyc_7502p_firmwareepyc_7413epyc_7301epyc_7551pepyc_7313pepyc_7313epyc_7351pepyc_7551p_firmwareepyc_7663_firmwareepyc_7601_firmwareepyc_7351_firmwareepyc_7251epyc_7532epyc_7552epyc_7302pepyc_7702p_firmwareepyc_74f3_firmwareepyc_7352epyc_7302_firmwareepyc_7763epyc_7401epyc_7713_firmwareepyc_7402_firmwareepyc_7742epyc_7713p_firmwareepyc_7272epyc_73f3_firmwareepyc_7702pepyc_7f52_firmwareepyc_7262epyc_7713epyc_7443p_firmwareepyc_7251_firmwareepyc_7401_firmwareepyc_72f3epyc_7643epyc_7452_firmwareepyc_7402p_firmwareepyc_7351epyc_7261_firmwareepyc_7543pepyc_7313_firmwareepyc_7443pepyc_7742_firmwareepyc_7453_firmwareepyc_7282epyc_7501epyc_7501_firmwareepyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7301_firmwareepyc_73f32nd Gen AMD EPYC™3rd Gen AMD EPYC™1st Gen AMD EPYC™
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-25489
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-3.3||LOW
EPSS-0.29% / 51.93%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:10
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-07-20||Apply updates per vendor instructions or discontinue use of the product if updates are unavailable

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

Action-Not Available
Vendor-Samsung ElectronicsSamsungGoogle LLC
Product-androidSamsung Mobile DevicesMobile Devices
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2012-4538
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 16.54%
||
7 Day CHG~0.00%
Published-24 Nov, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors.

Action-Not Available
Vendor-n/aXen Project
Product-xenn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6247
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-1528
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.09% / 26.32%
||
7 Day CHG~0.00%
Published-18 May, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-1522
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.07% / 22.36%
||
7 Day CHG~0.00%
Published-10 Apr, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-0744
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.11% / 29.28%
||
7 Day CHG~0.00%
Published-18 Apr, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-3044
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-01 Dec, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-powerkvmn/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2014-2597
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.10%
||
7 Day CHG~0.00%
Published-18 Apr, 2014 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which triggers a buffer over-read.

Action-Not Available
Vendor-remote-racn/a
Product-rac_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2414
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.2||MEDIUM
EPSS-0.50% / 64.93%
||
7 Day CHG~0.00%
Published-18 Apr, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a denial of service (memory corruption and reboot loop) via a crafted font, aka internal bug 26413177.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2039
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 9.97%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-8013
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.09% / 27.03%
||
7 Day CHG~0.00%
Published-03 Feb, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nx-osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3880
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.10%
||
7 Day CHG~0.00%
Published-10 Jun, 2014 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows local users to cause a denial of service (triple-fault and system reboot) via a crafted system call, which triggers an invalid page table pointer dereference.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-4434
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 16.31%
||
7 Day CHG~0.00%
Published-18 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5192
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.14% / 34.34%
||
7 Day CHG~0.00%
Published-24 Oct, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2599
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.07% / 23.04%
||
7 Day CHG~0.00%
Published-28 Mar, 2014 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.

Action-Not Available
Vendor-n/aXen Project
Product-xenn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1874
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.17%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.SUSE
Product-linux_kernellinux_enterprise_serverubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0417
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:43
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336702.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2013-3705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.03% / 6.28%
||
7 Day CHG~0.00%
Published-22 Dec, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.

Action-Not Available
Vendor-n/aNovell
Product-clientn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0419
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:44
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336713.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CVE-2017-15591
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 15.59%
||
7 Day CHG~0.00%
Published-18 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.

Action-Not Available
Vendor-n/aXen Project
Product-xenn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2232
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.09% / 26.57%
||
7 Day CHG~0.00%
Published-04 Jul, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-2697
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 13.11%
||
7 Day CHG~0.00%
Published-24 Feb, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount map."

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1029
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.50% / 64.75%
||
7 Day CHG~0.00%
Published-16 Sep, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-6647
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 13.38%
||
7 Day CHG~0.00%
Published-26 May, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8095
Matching Score-4
Assigner-Bitdefender
ShareView Details
Matching Score-4
Assigner-Bitdefender
CVSS Score-4.9||MEDIUM
EPSS-0.15% / 35.82%
||
7 Day CHG~0.00%
Published-30 Jan, 2020 | 21:05
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability

A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.

Action-Not Available
Vendor-Bitdefender
Product-total_security_2020Bitdefender Total Security 2020
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-20
Improper Input Validation
CVE-2012-0723
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.07% / 20.56%
||
7 Day CHG~0.00%
Published-30 Jul, 2012 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

Action-Not Available
Vendor-n/aIBM Corporation
Product-viosaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0290
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 8.70%
||
7 Day CHG~0.00%
Published-19 Feb, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0617
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6||MEDIUM
EPSS-0.35% / 56.81%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 23:11
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Hyper-V Denial of Service Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10WindowsWindows Server
CWE ID-CWE-20
Improper Input Validation
CVE-2011-2518
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.22%
||
7 Day CHG~0.00%
Published-24 May, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28188
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.61%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 19:15
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpugpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2010-1735
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.76% / 72.27%
||
7 Day CHG~0.00%
Published-05 May, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2003windows_xpwindows_2000windows_2003_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4398
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.09% / 26.40%
||
7 Day CHG~0.00%
Published-18 Feb, 2013 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-4411
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.29%
||
7 Day CHG~0.00%
Published-19 May, 2020 | 13:15
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-spectrum_scaleaixlinux_kernelSpectrum Scale
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3201
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.04% / 11.57%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:40
Updated-15 Nov, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS 12.2(25)S
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3434
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.47%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 18:01
Updated-13 Nov, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-anyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-20
Improper Input Validation
CVE-2016-10024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.14% / 35.07%
||
7 Day CHG~0.00%
Published-26 Jan, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.

Action-Not Available
Vendor-n/aXen ProjectCitrix (Cloud Software Group, Inc.)
Product-xenxenservern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-1090
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.09%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Action-Not Available
Vendor-n/aSUSERed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_enterprise_serverenterprise_mrglinux_enterprise_high_availability_extensionlinux_enterprise_desktoplinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2330
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.89%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

improper input validation in allocation request for secure allocations can lead to page fault. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwareipq4019_firmwaresd_675_firmwaresd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareipq8074sd_450sd_845qcs605mdm9640sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835ipq8064sda660msm8909wsd_665_firmwareipq8064_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630qcs405sd_625ipq8074_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427ipq4019sd_430sd_670sd_435_firmwaresd_710sdx20_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CVE-2019-17348
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 42.74%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 00:01
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3049
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.19%
||
7 Day CHG~0.00%
Published-25 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-2715
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.19% / 41.19%
||
7 Day CHG~0.00%
Published-07 Aug, 2009 | 18:33
Updated-07 Aug, 2024 | 05:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-virtualboxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-5803
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.The Linux Foundation
Product-enterprise_linux_serverdebian_linuxlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopLinux Kernel
CWE ID-CWE-20
Improper Input Validation
CVE-2011-3477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.23%
||
7 Day CHG~0.00%
Published-19 Feb, 2018 | 19:00
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.

Action-Not Available
Vendor-n/aSymantec Corporation
Product-norton_360backup_exec_system_recoverynorton_ghostsystem_recovery_2011n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4004
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.1||HIGH
EPSS-0.05% / 14.50%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 14:15
Updated-05 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit.

Action-Not Available
Vendor-shimovpnn/a
Product-shimo_vpnShimo VPN
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3634
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.85%
||
7 Day CHG~0.00%
Published-15 May, 2018 | 14:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-online_connect_accessOnline Connect Access
CWE ID-CWE-20
Improper Input Validation
CVE-2018-19967
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-08 Dec, 2018 | 04:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21180
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.82%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5core_i7-6870hqxeon_e-2286gcore_i7-8670t_firmwarepentium_gold_g5500tcore_i7-7700t_firmwarecore_i3-10100core_i3-7320t_firmwarecore_i7-8850h_firmwarecore_i5-11400core_i7-10510yceleron_g5900t_firmwarexeon_e3-1220_v5core_i5-7y57_firmwarexeon_e-2174g_firmwarecore_i7-10710u_firmwarecore_i9-11900_firmwarexeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_w-1270p_firmwarexeon_e3-1578l_v5_firmwarexeon_e-2246gcore_i9-10900_firmwarecore_i5-6350hqcore_i3-6300txeon_e-2374gcore_i5-8500t_firmwarecore_i7-9700k_firmwarexeon_e-2254ml_firmwarexeon_e-2236xeon_e3-1220_v5_firmwarexeon_e-2374g_firmwarecore_i7-8709g_firmwarepentium_gold_g6605pentium_gold_g6405u_firmwarepentium_gold_g5400tcore_i5-6500tcore_i5-7500core_i7-10875h_firmwarecore_i9-9900kf_firmwarecore_4415uxeon_e3-1545m_v5_firmwarecore_i3-6120core_i7-8709gcore_i5-7440hqxeon_w-10855mxeon_e-2278gepentium_gold_g5600_firmwarecore_i9-11900kfcore_i5-10600t_firmwarepentium_gold_g6505xeon_w-1270xeon_e3-1505l_v6xeon_e-2254me_firmwarecore_i7-11700k_firmwarecore_i5-10300h_firmwarepentium_gold_g6400core_i9-10900tpentium_gold_g5400_firmwarexeon_e-2126gcore_i5-8200ycore_i5-10500t_firmwarecore_i9-10900kcore_i5-10600_firmwarecore_i7-10700tecore_i7-8809g_firmwarecore_i5-11400fcore_i5-10400txeon_w-1290exeon_e3-1235l_v5core_i3-7110u_firmwarecore_5405u_firmwarecore_i7-6820eq_firmwareceleron_g5925_firmwarecore_i7-9700kfpentium_g4420t_firmwarepentium_g4520_firmwarecore_i5-7287u_firmwarexeon_w-1290te_firmwarecore_i3-8000tcore_i5-7600k_firmwarecore_i5-8305g_firmwarecore_i5-10110y_firmwarecore_i5-8650k_firmwarecore_i9-10900te_firmwarecore_i9-11900kcore_i3-8300t_firmwarecore_i3-7167u_firmwarecore_i5-10600kfxeon_w-10855_firmwarecore_i7-10700_firmwarepentium_gold_g6600_firmwarexeon_e-2146gcore_i9-10850hcore_i7-7820eq_firmwarecore_i5-8210y_firmwarecore_i5-9400fpentium_gold_g5420tcore_i7-10700kf_firmwarexeon_e-2286g_firmwarexeon_e3-1515m_v5core_i7-7560uceleron_g3920t_firmwarecore_i7-8550u_firmwarecore_i5-7600txeon_e-2284g_firmwarecore_i5-11600kfcore_i5-8365uceleron_g5900_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240l_v5core_i5-9600kfpentium_g4500xeon_e-2288g_firmwarexeon_e-2276mxeon_e-2224gcore_i5-8600_firmwarecore_i5-8269ucore_i3-8100_firmwarepentium_g4500txeon_e3-1505m_v5core_i5-7600t_firmwarepentium_g4500_firmwarecore_i7-7510uxeon_e3-1535m_v6_firmwarecore_i7-10810ucore_i3-10300tcore_i7-7820hq_firmwarecore_i3-8100pentium_gold_g5500_firmwarepentium_gold_g5500t_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-9600kcore_i5-8265ucore_i9-9900kfxeon_e-2246g_firmwarecore_i7-10700tcore_i5-8650core_i5-6300hqcore_i7-7600u_firmwarecore_i3-6120_firmwarecore_i7-9700kf_firmwarecore_i5-9300hcore_i7-10750hcore_i9-10850kceleron_g3920core_i5-6600t_firmwarecore_i3-7100e_firmwarecore_i5-8500bcore_3865u_firmwarepentium_gold_g6405xeon_e3-1225_v6_firmwarecore_i5-8250u_firmwarecore_i7-7820hk_firmwarexeon_w-1390_firmwarecore_4415ycore_i5-6600core_i3-8100hcore_i5-8400b_firmwarecore_i7-8706gceleron_g3940_firmwarepentium_gold_g6400tcore_i3-6300celeron_g3900core_i3-8120core_i5-7400t_firmwarecore_i9-11900fxeon_e3-1270_v5_firmwarecore_i5-8365u_firmwareceleron_g3902ecore_3865uxeon_w-1300_firmwarecore_i3-8130u_firmwarecore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i3-8350k_firmwarecore_i5-11400_firmwarepentium_gold_g6605_firmwarexeon_e-2134core_i7-10750h_firmwarexeon_w-1290tecore_i7-8557u_firmwarecore_i5-6440eqcore_i9-10980hkxeon_e-2176mcore_i9-10900t_firmwarecore_i7-10700k_firmwarepentium_gold_g6505_firmwarecore_i5-11400f_firmwarecore_i3-10305_firmwarecore_i3-7100u_firmwarexeon_e-2274gcore_i3-10325_firmwarecore_i7-10510y_firmwarecore_i9-11900k_firmwareceleron_g5905t_firmwarexeon_e-2134_firmwarecore_i3-7007u_firmwarecore_i5-7267u_firmwarecore_i7-8500ycore_i5-7640x_firmwarecore_i9-11900t_firmwarexeon_e-2226g_firmwarepentium_g4520core_i5-7400_firmwarecore_i7-6700te_firmwarexeon_w-1370pentium_g4400_firmwareceleron_g3900te_firmwarexeon_e-2174gcore_i5-8600tcore_i7-8510y_firmwarexeon_e3-1585_v5_firmwarecore_i5-7200u_firmwarexeon_e3-1220_v6pentium_gold_g5420_firmwarecore_i7-7y75_firmwarepentium_gold_g6405t_firmwarexeon_e3-1220_v6_firmwareceleron_g3930ecore_i3-10320_firmwareceleron_g4900t_firmwarexeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_e-2274g_firmwarexeon_e3-1225_v6xeon_w-1370pcore_i3-6320t_firmwarexeon_e3-1280_v6core_i3-10320core_i5-8420t_firmwarepentium_gold_g5400xeon_e-2124g_firmwarecore_i3-10105fcore_i3-7120_firmwarexeon_w-1390t_firmwarexeon_e-2224_firmwarecore_i5-6400core_4415u_firmwarecore_i7-10875hcore_i5-6300hq_firmwarepentium_g4420tcore_i3-7101tecore_i7-7700core_i5-10400hcore_i5-6440eq_firmwarecore_i5-7300hqcore_i5-9600kf_firmwarecore_i5-10505_firmwarexeon_w-10885mxeon_e-2224g_firmwarexeon_e3-1505m_v6pentium_gold_g6500_firmwarecore_4410y_firmwarexeon_e3-1535m_v5core_i5-6600kcore_i5-10110yxeon_e3-1505m_v6_firmwarecore_i3-7007uxeon_e-2254mecore_i9-11900kf_firmwarexeon_e3-1505l_v5core_i7-8500y_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i7-6822eq_firmwarecore_i5-6442eq_firmwarecore_i3-6102e_firmwarecore_i3-10105tcore_i9-9900k_firmwarecore_i7-6820hk_firmwarecore_i5-6500tecore_i7-10510u_firmwarecore_i7-7700_firmwarecore_i3-8100h_firmwareceleron_g5905_firmwarecore_i5-6500core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i9-10900kfcore_i9-9980hk_firmwarexeon_e-2144gcore_i3-10100tpentium_gold_g6600core_i7-7700hq_firmwarecore_i5-8300h_firmwarexeon_e3-1270_v6_firmwarecore_i9-9980hkcore_3965y_firmwarecore_i5-8500b_firmwarexeon_e-2244gcore_i3-6102exeon_w-1390tceleron_g3902e_firmwarecore_i7-6770hqcore_i7-10610uxeon_e3-1235l_v5_firmwarecore_i7-9850h_firmwarecore_i7-11700kfpentium_gold_g5420core_i7-11700_firmwarecore_i7-7740xcore_i7-7y75core_i7-8559ucore_i9-10850h_firmwarexeon_e3-1575m_v5core_i5-7210ucore_i5-8550_firmwarexeon_e-2124gcore_i5-11500tcore_i7-8670_firmwarecore_i7-8560ucore_i5-9400pentium_gold_g5600core_i3-6320_firmwarecore_i3-6100e_firmwarexeon_e3-1285_v6_firmwarexeon_w-1290t_firmwarecore_i3-10325xeon_e-2356gcore_i5-8500_firmwarecore_i7-8700core_i3-7130uxeon_e3-1585l_v5_firmwarecore_i5-8400xeon_e3-1585_v5core_i3-10105f_firmwarexeon_e-2334core_i5-7440hq_firmwarecore_i7-9850hcore_i5-7300hq_firmwarecore_i5-8650kxeon_w-1350core_i3-10110u_firmwarecore_i5-7600xeon_e3-1505l_v5_firmwarecore_i7-8750hfxeon_e3-1280_v5_firmwarexeon_w-1290core_i9-11900f_firmwarexeon_e-2186gxeon_e-2314_firmwarecore_i5-8310y_firmwarecore_i3-10110ucore_i7-8665u_firmwarecore_i9-10885h_firmwarexeon_e3-1280_v5core_i7-7567u_firmwarecore_i5-7442eq_firmwarecore_i5-11500_firmwarecore_i7-6770hq_firmwarecore_i7-8569u_firmwarecore_3965ycore_i5-8420_firmwarexeon_w-1350pcore_i9-10900xeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6core_i5-7360uxeon_w-1250core_i5-7300ucore_i3-10300xeon_w-1290p_firmwareceleron_g5925core_i5-7600_firmwarecore_i5-6600tcore_i3-8100t_firmwarexeon_w-1250p_firmwarexeon_e3-1230_v5_firmwarecore_i5-6500t_firmwareceleron_g5920core_i3-7100h_firmwarecore_i7-8565ucore_i7-8670core_4205uxeon_e3-1578l_v5core_3965ucore_i5-8400_firmwarexeon_e-2104g_firmwarexeon_e-2234_firmwarecore_i7-7700kcore_i7-8510ycore_i7-10870hceleron_g3900t_firmwarecore_i7-10510ucore_i3-7320tcore_i3-6300t_firmwarecore_i3-10100fxeon_w-1290ppentium_gold_g5500core_i7-7920hq_firmwareceleron_5305u_firmwareceleron_g4900_firmwareceleron_g3940core_i5-8310ycore_i3-10300_firmwarecore_i5-6440hqcore_i7-9750hf_firmwarexeon_e-2324gcore_i7-6870hq_firmwarecore_i3-6100ecore_i5-7200uxeon_e3-1270_v5core_i3-8000t_firmwarecore_i5-8265u_firmwarecore_i7-6970hq_firmwarepentium_g4520t_firmwarexeon_e-2186m_firmwarecore_i7-6820hqcore_i5-10210ucore_i3-8000_firmwarexeon_e-2234pentium_gold_g5400t_firmwarecore_i5-10500core_i7-7740x_firmwarecore_i5-8400bpentium_gold_g6405tceleron_g5900tcore_i7-8850hcore_i3-7100hcore_i9-8950hk_firmwarecore_i5-8400h_firmwarecore_i5-11600_firmwarexeon_e3-1240_v6_firmwarecore_i5-10400t_firmwarecore_i5-6350hq_firmwarecore_i3-10100_firmwarecore_i9-8950hkxeon_e3-1230_v6core_i9-10900tecore_i5-11600kxeon_e3-1501l_v6xeon_e-2378core_i5-10600tcore_i5-10600kf_firmwarecore_i7-7700k_firmwarecore_i5-7640xcore_i5-7500uxeon_w-1290_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarecore_i5-9400hcore_i9-10900e_firmwarexeon_e-2278g_firmwarexeon_e3-1240_v6celeron_g5205u_firmwarexeon_e3-1230_v5xeon_e3-1240_v5_firmwarepentium_gold_g6505tcore_i7-7660uxeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarecore_i3-6320tcore_i7-7700hqcore_i7-6820hq_firmwarexeon_e-2236_firmwarexeon_e-2244g_firmwarepentium_gold_g6500tcore_i3-10100t_firmwarecore_i7-10700f_firmwarecore_m3-7y30core_i5-8269u_firmwarecore_i3-6100t_firmwarecore_i3-10105xeon_e3-1505l_v6_firmwarexeon_e3-1285_v6pentium_g4400te_firmwareceleron_g4900tceleron_g3900tcore_i5-11400tcore_i7-11700kcore_i9-10900kf_firmwarecore_i7-8550uxeon_e-2276mlxeon_e3-1225_v5_firmwarecore_i7-10810u_firmwarexeon_e3-1245_v6_firmwarexeon_w-1350_firmwarecore_i3-7101e_firmwarecore_i9-9880h_firmwarexeon_e3-1270_v6core_i7-6700hqxeon_e3-1545m_v5core_i5-6500_firmwarecore_i3-7102e_firmwarexeon_e3-1515m_v5_firmwarecore_i3-8300pentium_gold_g6400t_firmwarexeon_e-2334_firmwarexeon_e-2276me_firmwarepentium_g4520tcore_i7-10700kfcore_i5-8400tcore_i5-6440hq_firmwarecore_i5-7500tceleron_g5905xeon_w-1370p_firmwarecore_i5-11600kf_firmwarexeon_e-2136_firmwarexeon_w-1270_firmwarexeon_e-2276mecore_i5-7y54core_i5-7400core_i3-6100te_firmwarecore_i7-8700b_firmwarecore_i5-9400f_firmwarexeon_e-2356g_firmwarecore_i7-8706g_firmwarecore_i3-10305t_firmwarecore_i5-7287uxeon_w-10855m_firmwarexeon_e-2146g_firmwarecore_i7-7660u_firmwarecore_i9-10850k_firmwarecore_i7-7920hqcore_i7-10700core_i5-6600_firmwarexeon_e-2126g_firmwarexeon_w-1350p_firmwarecore_i7-10610u_firmwareceleron_g4920_firmwareceleron_g3920_firmwarecore_i3-7020ucore_i5-11600k_firmwarecore_i3-8145u_firmwarecore_i5-8600k_firmwarexeon_e-2136xeon_w-1270pxeon_e-2378_firmwarecore_i3-8145ucore_i5-10400core_i3-7020u_firmwarecore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i3-7130u_firmwarecore_i7-10870h_firmwarepentium_g4500t_firmwarecore_i7-7820eqcore_i3-6120tcore_i7-7820hqcore_i7-9700kceleron_g4920core_i7-11700kf_firmwarepentium_gold_g6405_firmwarepentium_g4420core_i7-6920hq_firmwarecore_i3-8109ucore_5405ucore_i5-8420tpentium_g4540core_i5-8200y_firmwarexeon_e-2144g_firmwarecore_i7-10700te_firmwarecore_i7-10700exeon_e3-1585l_v5core_i5-8350uceleron_g5305uxeon_e3-1275_v5core_i7-8750h_firmwarecore_i3-10100teceleron_g5205uxeon_e3-1558l_v5_firmwarepentium_gold_g5420t_firmwarecore_i5-10210u_firmwarexeon_e-2388gxeon_e-2226gcore_i5-7y57core_i7-6700teceleron_g5905tcore_i3-10100te_firmwarecore_i3-6120t_firmwarecore_i5-7260uxeon_e-2278gcore_i5-10600k_firmwarecore_i9-10900ecore_i5-8259u_firmwarexeon_e-2124core_i5-8250ucore_i5-8600xeon_e-2186g_firmwarepentium_g4540_firmwarecore_m3-8100y_firmwarecore_3965u_firmwarecore_i5-10500tecore_i7-6700_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarecore_4205u_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarexeon_e-2184g_firmwarecore_i3-6100tecore_i3-8000core_i7-11700core_i5-11500celeron_g3900tecore_i7-8700bpentium_g4400t_firmwarecore_i5-10500tcore_i5-10600xeon_e3-1240l_v5_firmwarecore_i5-10500_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5core_i5-10310ycore_i5-10310y_firmwarepentium_gold_g6500t_firmwarecore_i5-8259ucore_i5-11500t_firmwarexeon_e-2388g_firmwarepentium_gold_g6405ucore_i7-10700kxeon_e-2336xeon_e3-1575m_v5_firmwarexeon_e3-1225_v5core_i3-8109u_firmwarexeon_e-2186mxeon_e3-1558l_v5core_i5-11600t_firmwarecore_i9-9880hcore_i7-8705g_firmwarexeon_e-2286mcore_i5-7442eqxeon_w-1300core_i5-6400_firmwarecore_i3-8130ucore_i5-7500u_firmwarecore_i3-7167ucore_i3-8300tcore_i3-7340core_i5-11600tcore_i7-8650ucore_i5-10200hxeon_e3-1268l_v5xeon_e-2284gcore_i7-8705gcore_i9-9900kcore_i5-10400fxeon_e-2324g_firmwarecore_i7-7600uxeon_e-2278ge_firmwarecore_i3-7100epentium_gold_g6400_firmwarexeon_w-10855core_i5-9400_firmwarecore_i7-7510u_firmwarexeon_e3-1535m_v6core_i3-7101exeon_w-10885m_firmwarexeon_e-2276m_firmwarecore_i5-8400t_firmwarecore_i5-8400hxeon_e-2286m_firmwarexeon_e3-1245_v5core_i3-7120xeon_e3-1501m_v6_firmwarecore_i7-9750hfxeon_e-2176g_firmwarecore_i7-7820hkcore_i5-9300h_firmwarexeon_e-2254mlcore_i5-8305gcore_i3-6100celeron_g5900xeon_w-1390celeron_g3930tecore_i7-11700t_firmwarecore_i5-7400tcore_i5-11600core_i7-8750hcore_i3-6100tcore_i7-11700fcore_i7-8665ucore_i3-10305tcore_i5-7210u_firmwarexeon_e3-1275_v6_firmwarecore_i5-8300hxeon_w-1370_firmwarecore_i3-7101te_firmwarecore_i5-7440eq_firmwarecore_i5-8420core_i5-7360u_firmwarecore_i3-8350kcore_i5-10600kcore_i7-10850hcore_i3-7120tcore_i3-8120_firmwarecore_i7-8560u_firmwarecore_i5-10500te_firmwarecore_i3-8020_firmwarexeon_w-1290e_firmwarecore_i5-7y54_firmwarecore_i3-10300t_firmwarexeon_e3-1280_v6_firmwarexeon_w-1390p_firmwarecore_i5-8550core_i3-10100f_firmwarecore_i9-10900f_firmwarecore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100ucore_i5-6442eqcore_i7-8700tcore_i7-6700k_firmwarecore_i5-7260u_firmwarecore_i7-11700txeon_e3-1245_v5_firmwarecore_i5-7300u_firmwarecore_i7-8700t_firmwarecore_i7-10700e_firmwarecore_i5-6500te_firmwarecore_i3-7120t_firmwarecore_i5-8600t_firmwarecore_i7-6700kcore_i7-6970hqcore_i3-7340_firmwarecore_i7-6822eqcore_i5-8500xeon_e-2184gcore_i9-11900tcore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwarepentium_g4420_firmwarecore_i7-8565u_firmwarecore_i7-8569ucore_i5-11400t_firmwarecore_i7-10700t_firmwarecore_i7-7700txeon_e3-1240_v5xeon_e-2336_firmwarexeon_w-1290tceleron_g3930te_firmwarecore_i7-8809gcore_i5-8500tcore_i3-10105_firmwarecore_i7-8650u_firmwarexeon_e3-1501m_v6core_i5-6400t_firmwarecore_i3-6300_firmwarecore_i7-10850h_firmwarexeon_e3-1535m_v5_firmwarexeon_e-2314core_i3-7110ucore_i5-6400tcore_i3-10305pentium_g4400tecore_i3-6100h_firmwarecore_i7-8700_firmwarexeon_w-1390pcore_i3-8300_firmwarecore_i5-8650_firmwareceleron_g3920tcore_i5-10505core_i7-6700core_i7-6820eqcore_i7-6920hqpentium_g4400tcore_i7-6820hkcore_i7-7560u_firmwarecore_i5-7600kpentium_g4400core_m3-7y30_firmwarecore_i7-10710ucore_i5-10210ycore_i5-10300hcore_i5-8350u_firmwarexeon_e-2276g_firmwarecore_i3-8020celeron_g5920_firmwareceleron_g3930e_firmwarexeon_e-2224pentium_gold_g6500xeon_e-2124_firmwareceleron_5305ucore_i7-11700f_firmwarexeon_w-1250_firmwarecore_i5-7500t_firmwarecore_i9-10900fceleron_g4900xeon_e-2278gelxeon_e3-1245_v6xeon_e-2378gcore_i3-8100tcore_i5-10200h_firmwarecore_i3-6100_firmwarecore_4410ycore_i9-10980hk_firmwarecore_i7-8670tcore_i5-10400_firmwarecore_i5-6600k_firmwarecore_i7-6700hq_firmwarexeon_e-2104gcore_i3-7102epentium_gold_g6505t_firmwarexeon_e3-1268l_v5_firmwarecore_4415y_firmwarexeon_e-2276gceleron_g5305u_firmwareceleron_g3900_firmwarecore_i7-10700fcore_i5-9600k_firmwarecore_i9-10900k_firmwarecore_i7-8750hf_firmwareIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2018-14775
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 13.31%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 06:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found