Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-9385

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-23 Jan, 2017 | 21:00
Updated At-06 Aug, 2024 | 02:50
Rejected At-
Credits

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:23 Jan, 2017 | 21:00
Updated At:06 Aug, 2024 | 02:50
Rejected At:
▼CVE Numbering Authority (CNA)

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.gentoo.org/glsa/201612-56
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/bid/94472
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id/1037342
vdb-entry
x_refsource_SECTRACK
https://support.citrix.com/article/CTX218775
x_refsource_CONFIRM
http://xenbits.xen.org/xsa/advisory-193.html
x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/201612-56
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/94472
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1037342
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://support.citrix.com/article/CTX218775
Resource:
x_refsource_CONFIRM
Hyperlink: http://xenbits.xen.org/xsa/advisory-193.html
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.gentoo.org/glsa/201612-56
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/bid/94472
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id/1037342
vdb-entry
x_refsource_SECTRACK
x_transferred
https://support.citrix.com/article/CTX218775
x_refsource_CONFIRM
x_transferred
http://xenbits.xen.org/xsa/advisory-193.html
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201612-56
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/94472
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1037342
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://support.citrix.com/article/CTX218775
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://xenbits.xen.org/xsa/advisory-193.html
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:23 Jan, 2017 | 21:59
Updated At:13 May, 2026 | 00:24

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.06.0MEDIUM
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Xen Project
xen
>>xen>>4.4.0
cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.4.1
cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.4.2
cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.4.3
cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.4.4
cpe:2.3:o:xen:xen:4.4.4:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.5.0
cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.5.1
cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.5.2
cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.5.3
cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.5.5
cpe:2.3:o:xen:xen:4.5.5:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.6.0
cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.6.1
cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.6.3
cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.6.4
cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.7.0
cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*
Xen Project
xen
>>xen>>4.7.1
cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*
Citrix (Cloud Software Group, Inc.)
citrix
>>xenserver>>6.0.2
cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*
Citrix (Cloud Software Group, Inc.)
citrix
>>xenserver>>6.2.0
cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*
Citrix (Cloud Software Group, Inc.)
citrix
>>xenserver>>6.5
cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*
Citrix (Cloud Software Group, Inc.)
citrix
>>xenserver>>7.0
cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/94472cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037342cve@mitre.org
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-193.htmlcve@mitre.org
Patch
Vendor Advisory
https://security.gentoo.org/glsa/201612-56cve@mitre.org
N/A
https://support.citrix.com/article/CTX218775cve@mitre.org
Patch
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/94472af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037342af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-193.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://security.gentoo.org/glsa/201612-56af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.citrix.com/article/CTX218775af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/94472
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1037342
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://xenbits.xen.org/xsa/advisory-193.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://security.gentoo.org/glsa/201612-56
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://support.citrix.com/article/CTX218775
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/94472
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1037342
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://xenbits.xen.org/xsa/advisory-193.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://security.gentoo.org/glsa/201612-56
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://support.citrix.com/article/CTX218775
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

254Records found
CVE-2016-6243
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.18%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4706
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.06%
||
7 Day CHG~0.00%
Published-25 Sep, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2841
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.79%
||
7 Day CHG~0.00%
Published-16 Jun, 2016 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMU
Product-ubuntu_linuxqemun/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7509
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.08% / 24.16%
||
7 Day CHG~0.00%
Published-28 Dec, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7847
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.15%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei MBB (Mobile Broadband) product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service (DoS) vulnerability. An attacker could send a malicious packet to the Common Gateway Interface (CGI) of a target device and make it fail while setting the port attribute, which causes a DoS attack.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-e3272se3272s_firmwareE3272s Versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33098
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.21%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:12
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_500_series_controllers_driverethernet_connection_x540ethernet_connection_x557ethernet_connection_x550Intel(R) Ethernet ixgbe driver for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8944
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.91%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234.

Action-Not Available
Vendor-IBM Corporation
Product-aixAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3038
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.94%
||
7 Day CHG~0.00%
Published-20 Apr, 2021 | 03:15
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GlobalProtect App: Windows VPN kernel driver denial of service (DoS)

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-globalprotectGlobalProtect App
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0318
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.94%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 23:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.

Action-Not Available
Vendor-FreeBSD FoundationOracle CorporationNVIDIA CorporationMicrosoft Corporation
Product-gpu_driversolariswindowsfreebsdLinux GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0211
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-02 Dec, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover. The vulnerability is due to lack of proper input validation of the CLI user input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and issuing a crafted, malicious CLI command on the targeted device. A successful exploit could allow the attacker to cause a DoS condition. The attacker must have valid administrative privileges on the device to exploit this vulnerability. Cisco Bug IDs: CSCvf63414, CSCvh51992.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26321
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 29.96%
||
7 Day CHG~0.00%
Published-16 Nov, 2021 | 18:07
Updated-16 Sep, 2024 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7371_firmwareepyc_7443_firmwareepyc_7402pepyc_7451epyc_7261epyc_7282_firmwareepyc_7343epyc_7252_firmwareepyc_7543_firmwareepyc_7f32epyc_7542_firmwareepyc_7551_firmwareepyc_7763_firmwareepyc_7272_firmwareepyc_7713pepyc_7443epyc_7513epyc_7313p_firmwareepyc_7252epyc_7502pepyc_7232p_firmwareepyc_7702epyc_7351p_firmwareepyc_7302p_firmwareepyc_7453epyc_7642_firmwareepyc_7h12epyc_7452epyc_7513_firmwareepyc_7543p_firmwareepyc_7542epyc_7281_firmwareepyc_7413_firmwareepyc_7h12_firmwareepyc_7601epyc_7302epyc_7232pepyc_7643_firmwareepyc_7f52epyc_7663epyc_7552_firmwareepyc_75f3epyc_7371epyc_72f3_firmwareepyc_7f72epyc_7f32_firmwareepyc_7662epyc_7f72_firmwareepyc_7662_firmwareepyc_7502epyc_75f3_firmwareepyc_7642epyc_7451_firmwareepyc_7343_firmwareepyc_7532_firmwareepyc_7551epyc_7281epyc_7502p_firmwareepyc_7413epyc_7301epyc_7551pepyc_7313pepyc_7313epyc_7351pepyc_7551p_firmwareepyc_7663_firmwareepyc_7601_firmwareepyc_7351_firmwareepyc_7251epyc_7532epyc_7552epyc_7302pepyc_7702p_firmwareepyc_74f3_firmwareepyc_7352epyc_7302_firmwareepyc_7763epyc_7401epyc_7713_firmwareepyc_7402_firmwareepyc_7742epyc_7713p_firmwareepyc_7272epyc_73f3_firmwareepyc_7702pepyc_7f52_firmwareepyc_7262epyc_7713epyc_7443p_firmwareepyc_7251_firmwareepyc_7401_firmwareepyc_72f3epyc_7643epyc_7452_firmwareepyc_7402p_firmwareepyc_7351epyc_7261_firmwareepyc_7543pepyc_7313_firmwareepyc_7443pepyc_7742_firmwareepyc_7453_firmwareepyc_7282epyc_7501epyc_7501_firmwareepyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7301_firmwareepyc_73f32nd Gen AMD EPYC™3rd Gen AMD EPYC™1st Gen AMD EPYC™
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-26351
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 31.29%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 17:18
Updated-16 Sep, 2024 | 22:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_3_3300x_firmwareryzen_5_5600hryzen_threadripper_pro_5945wx_firmwareryzen_3_3100_firmwareryzen_threadripper_2950x_firmwareryzen_3_5425cryzen_9_3900xryzen_3_3300g_firmwareryzen_3_5425u_firmwareryzen_5_3450gryzen_5_5600uryzen_9_5980hxryzen_threadripper_pro_5975wxryzen_7_5800hsryzen_threadripper_pro_5955wx_firmwareryzen_5_5600xryzen_9_5900hx_firmwareryzen_threadripper_pro_5995wxryzen_5_5600hsryzen_threadripper_2970wxryzen_7_5825uryzen_7_5825u_firmwareryzen_5_5625uryzen_5_5700geryzen_5_3600x_firmwareryzen_threadripper_2920x_firmwareryzen_5_3400gryzen_3_5125cryzen_threadripper_3960x_firmwareryzen_7_3800x_firmwareryzen_threadripper_3960xryzen_threadripper_2950xryzen_5_5700gryzen_threadripper_pro_3975wxryzen_9_5900hs_firmwareryzen_5_5560uryzen_threadripper_pro_3945wx_firmwareryzen_5_5600u_firmwareryzen_threadripper_pro_5945wxryzen_5_3600xryzen_3_3100ryzen_threadripper_pro_5975wx_firmwareryzen_threadripper_2970wx_firmwareryzen_9_3950x_firmwareryzen_threadripper_pro_3995wxryzen_9_5900hsryzen_5_5700g_firmwareryzen_9_5980hsryzen_threadripper_2920xryzen_threadripper_pro_3955wxryzen_3_5125c_firmwareryzen_7_5800u_firmwareryzen_9_3900x_firmwareryzen_7_5825c_firmwareryzen_7_5800h_firmwareryzen_threadripper_pro_5965wx_firmwareryzen_3_3300xryzen_7_3700xryzen_5_5625c_firmwareryzen_3_5425uryzen_5_5700ge_firmwareryzen_5_5625cryzen_threadripper_pro_3955wx_firmwareryzen_5_5560u_firmwareryzen_9_5980hx_firmwareryzen_threadripper_pro_3995wx_firmwareryzen_3_5400uryzen_5_3450g_firmwareryzen_7_5825cryzen_7_5800uryzen_threadripper_pro_5965wxryzen_9_5900hxryzen_threadripper_3990x_firmwareryzen_5_5600x_firmwareryzen_9_5980hs_firmwareryzen_7_3700x_firmwareryzen_threadripper_3990xryzen_9_3950xryzen_5_5600hs_firmwareryzen_5_3400g_firmwareryzen_threadripper_2990wxryzen_threadripper_3970xryzen_3_5425c_firmwareryzen_5_5600h_firmwareryzen_threadripper_pro_5955wxryzen_3_3300gryzen_7_5800hryzen_3_5400u_firmwareryzen_threadripper_3970x_firmwareryzen_5_3600ryzen_threadripper_pro_3945wxryzen_7_5800hs_firmwareryzen_threadripper_pro_3975wx_firmwareryzen_7_3800xryzen_threadripper_pro_5995wx_firmwareryzen_5_5625u_firmwareryzen_5_3600_firmwareryzen_threadripper_2990wx_firmwareAthlon™ SeriesRyzen™ Series
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26373
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.93%
||
7 Day CHG~0.00%
Published-11 May, 2022 | 16:27
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_9_5900xepyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7282_firmwareepyc_7f32epyc_7272_firmwareepyc_7713pepyc_7573xryzen_3_3100_firmwareepyc_7513ryzen_threadripper_2950x_firmwareryzen_9_5900x_firmwareryzen_5_2500uepyc_7232p_firmwareepyc_7702ryzen_threadripper_pro_5955wx_firmwareryzen_5_5600xryzen_threadripper_pro_5995wxepyc_7453ryzen_3_2300uepyc_7373xepyc_7513_firmwareepyc_7542epyc_7413_firmwareryzen_threadripper_3960x_firmwareryzen_7_5800x3d_firmwareryzen_threadripper_3960xryzen_threadripper_2950xryzen_5_2700_firmwareryzen_threadripper_pro_3975wxepyc_7643_firmwareryzen_threadripper_1950x_firmwareepyc_7f52epyc_75f3ryzen_threadripper_pro_5945wxepyc_7373x_firmwareryzen_5_2500u_firmwareepyc_7f32_firmwareryzen_3_3100epyc_7502epyc_7662_firmwareepyc_7f72_firmwareepyc_75f3_firmwareepyc_7473x_firmwareepyc_7343_firmwareryzen_3_2200u_firmwareryzen_threadripper_1900x_firmwareryzen_3_2200uepyc_7313pryzen_7_5700gryzen_threadripper_2920xepyc_7573x_firmwareryzen_7_2700x_firmwareryzen_7_2700ryzen_threadripper_pro_5965wx_firmwareryzen_3_3300xepyc_7352ryzen_5_2600hepyc_7713_firmwareepyc_7742ryzen_5_5500epyc_7272ryzen_7_2700uepyc_7713epyc_7443p_firmwareryzen_5_5600_firmwareryzen_7_5800xryzen_7_2800hepyc_7773xryzen_threadripper_3990x_firmwareryzen_5_2600x_firmwareryzen_5_5600x_firmwareryzen_7_5800x3dryzen_threadripper_3990xryzen_7_2700_firmwareryzen_threadripper_pro_5955wxepyc_7742_firmwareryzen_9_5950xryzen_5_5500_firmwareryzen_threadripper_2990wx_firmwareryzen_3_3200u_firmwareryzen_3_3300x_firmwareepyc_7402pepyc_7343epyc_7252_firmwareryzen_threadripper_1920x_firmwareepyc_7542_firmwareepyc_7763_firmwareryzen_threadripper_pro_5945wx_firmwareryzen_5_5600gepyc_7313p_firmwareepyc_7252epyc_7502pryzen_threadripper_1900xryzen_threadripper_pro_5975wxepyc_7302p_firmwareryzen_3_2300u_firmwareryzen_9_5950x_firmwareepyc_7642_firmwareryzen_threadripper_2970wxepyc_7452ryzen_7_5800x_firmwareepyc_7543p_firmwareryzen_5_2600xryzen_7_2700u_firmwareryzen_threadripper_2920x_firmwareepyc_7302ryzen_5_2700ryzen_7_2800h_firmwareepyc_7232pryzen_threadripper_1950xryzen_threadripper_pro_3945wx_firmwareepyc_7663epyc_7552_firmwareepyc_7773x_firmwareepyc_72f3_firmwareepyc_7f72epyc_7662ryzen_7_5700g_firmwareepyc_7642epyc_7473xryzen_threadripper_2970wx_firmwareryzen_threadripper_pro_5975wx_firmwareepyc_7532_firmwareryzen_threadripper_pro_3995wxepyc_7502p_firmwareepyc_7413ryzen_7_2700xryzen_7_5700x_firmwareepyc_7663_firmwareryzen_threadripper_pro_3955wxryzen_3_3200uepyc_7552epyc_7302pepyc_7702p_firmwareryzen_3_3300epyc_74f3_firmwareepyc_7302_firmwareepyc_7763ryzen_threadripper_pro_3955wx_firmwareepyc_7402_firmwareepyc_7713p_firmwareryzen_threadripper_1920xepyc_73f3_firmwareepyc_7702pryzen_threadripper_pro_3995wx_firmwareepyc_7f52_firmwareepyc_7262ryzen_5_2600h_firmwareryzen_threadripper_pro_5965wxryzen_3_3250uryzen_5_5600g_firmwareepyc_72f3epyc_7643epyc_7402p_firmwareepyc_7452_firmwareryzen_threadripper_2990wxryzen_5_5600ryzen_threadripper_3970xepyc_7543pepyc_7443pryzen_threadripper_3970x_firmwareryzen_threadripper_pro_3945wxryzen_3_3250u_firmwareepyc_7453_firmwareryzen_threadripper_pro_3975wx_firmwareepyc_7282ryzen_threadripper_pro_5995wx_firmwareepyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7532ryzen_7_5700xepyc_73f3Athlon™ SeriesRyzen™ SeriesEPYC™ Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2021-25489
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-3.3||LOW
EPSS-0.36% / 58.39%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:10
Updated-30 Oct, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-07-20||Apply updates per vendor instructions or discontinue use of the product if updates are unavailable

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

Action-Not Available
Vendor-Google LLCSamsung ElectronicsSamsung
Product-androidSamsung Mobile DevicesMobile Devices
CWE ID-CWE-134
Use of Externally-Controlled Format String
CWE ID-CWE-20
Improper Input Validation
CVE-2021-25452
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.61%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 18:04
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_9830exynos_980exynos_2100Samsung Mobile Devices
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3880
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.72%
||
7 Day CHG~0.00%
Published-10 Jun, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows local users to cause a denial of service (triple-fault and system reboot) via a crafted system call, which triggers an invalid page table pointer dereference.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2039
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 11.21%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1874
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 17.20%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_serverubuntu_linuxlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0373
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.48%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious request to the application. A successful exploit could allow the attacker to cause a DoS condition on the affected system. Cisco Bug IDs: CSCvj47654.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Microsoft Corporation
Product-windowsanyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client unknown
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17862
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-22 Dec, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.

Action-Not Available
Vendor-n/aNovell
Product-clientn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1450
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.14%
||
7 Day CHG~0.00%
Published-24 Feb, 2021 | 19:31
Updated-08 Nov, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco AnyConnect Secure Mobility Client Denial of Service Vulnerability

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending one or more crafted IPC messages to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device. Note: The process under attack will automatically restart so no action is needed by the user or admin.

Action-Not Available
Vendor-Linux Kernel Organization, IncCisco Systems, Inc.Apple Inc.Microsoft Corporation
Product-windowsmacoslinux_kernelanyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0418
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:43
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336706.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0350
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 17:10
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05342338.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0417
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:43
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336702.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2021-0419
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:44
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336713.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0416
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:43
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336700.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8095
Matching Score-4
Assigner-Bitdefender
ShareView Details
Matching Score-4
Assigner-Bitdefender
CVSS Score-4.9||MEDIUM
EPSS-0.15% / 34.72%
||
7 Day CHG~0.00%
Published-30 Jan, 2020 | 21:05
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability

A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.

Action-Not Available
Vendor-Bitdefender
Product-total_security_2020Bitdefender Total Security 2020
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-20
Improper Input Validation
CVE-2012-6647
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.09%
||
7 Day CHG~0.00%
Published-26 May, 2014 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-4411
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.31%
||
7 Day CHG~0.00%
Published-19 May, 2020 | 13:15
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-spectrum_scaleaixlinux_kernelSpectrum Scale
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9242
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.13%
||
7 Day CHG~0.00%
Published-27 May, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8704
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.77%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Windows Hyper-V
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7261
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 28.80%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7262
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.95%
||
7 Day CHG~0.00%
Published-25 Mar, 2017 | 00:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.
Product-ryzenn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2372
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.71%
||
7 Day CHG~0.00%
Published-02 Jul, 2008 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18292
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.59%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_412msm8996au_firmwaresd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaresd_210msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_800sd_410sd_617sd_820a_firmwaresd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_430sd_810sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18221
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.24%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 08:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-1090
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.79%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverenterprise_mrglinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-0723
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.07% / 20.16%
||
7 Day CHG~0.00%
Published-30 Jul, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

Action-Not Available
Vendor-n/aIBM Corporation
Product-viosaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18200
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.80%
||
7 Day CHG~0.00%
Published-26 Feb, 2018 | 03:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-2518
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.80%
||
7 Day CHG~0.00%
Published-24 May, 2012 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4398
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.12% / 30.76%
||
7 Day CHG~0.00%
Published-18 Feb, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3960
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-4.9||MEDIUM
EPSS-1.48% / 81.10%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2008n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0238
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-4.9||MEDIUM
EPSS-1.01% / 77.27%
||
7 Day CHG~0.00%
Published-14 Apr, 2010 | 15:44
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_vistawindows_xpwindows_2000windows_2003_serverwindows_server_2003n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-1914
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.08% / 23.86%
||
7 Day CHG~0.00%
Published-04 Jun, 2009 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-3477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.22%
||
7 Day CHG~0.00%
Published-19 Feb, 2018 | 19:00
Updated-06 Aug, 2024 | 23:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.

Action-Not Available
Vendor-n/aSymantec Corporation
Product-norton_360backup_exec_system_recoverynorton_ghostsystem_recovery_2011n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28188
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.98%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 19:15
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpugpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21136
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.72%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_5215xeon_silver_4109txeon_bronze_3106_firmwarecore_i9-7900xxeon_bronze_3106xeon_platinum_8260ycore_i9-7920xxeon_d-2173it_firmwarexeon_d-2145nt_firmwarexeon_platinum_8153xeon_silver_4108_firmwarecore_i9-7960x_firmwarexeon_platinum_8260y_firmwarexeon_gold_5218txeon_gold_6126_firmwarexeon_platinum_8280_firmwarexeon_gold_5218nxeon_d-2163it_firmwarexeon_silver_4209t_firmwarexeon_gold_6250lxeon_gold_6209uxeon_bronze_3104_firmwarexeon_platinum_8253xeon_d-2146nt_firmwarexeon_gold_6252nxeon_silver_4214yxeon_platinum_8156xeon_gold_6142fxeon_d-2177ntxeon_platinum_8158xeon_platinum_8270_firmwarexeon_gold_6230txeon_silver_4210rxeon_platinum_8280xeon_platinum_8180_firmwarexeon_gold_6238l_firmwarexeon_gold_5220t_firmwarexeon_gold_6252xeon_gold_5220rxeon_gold_6246xeon_gold_6226r_firmwarexeon_silver_4214rxeon_silver_4116_firmwarexeon_silver_4210r_firmwarexeon_gold_6256_firmwarexeon_gold_5122_firmwarexeon_platinum_9221xeon_gold_6230rxeon_d-2142itxeon_platinum_9222_firmwarexeon_gold_6132_firmwarexeon_d-2187ntxeon_silver_4116txeon_silver_4208xeon_gold_6150_firmwarexeon_gold_6210u_firmwarexeon_gold_6126txeon_silver_4116xeon_silver_4210t_firmwarexeon_gold_5218t_firmwarexeon_silver_4112xeon_gold_6140xeon_platinum_8160fxeon_platinum_8164xeon_platinum_8176fxeon_gold_5215lxeon_gold_5115_firmwarexeon_platinum_8168xeon_gold_6154_firmwarexeon_platinum_8168_firmwarexeon_gold_6126f_firmwarexeon_platinum_8253_firmwarexeon_gold_5120xeon_gold_6238xeon_gold_6240lxeon_gold_6248xeon_gold_6258rxeon_d-2145ntxeon_platinum_8176f_firmwarexeon_gold_6130fxeon_gold_6240l_firmwarexeon_platinum_8256xeon_platinum_9282xeon_d-2173itxeon_d-2161ixeon_d-2163itxeon_silver_4215_firmwarexeon_platinum_8160_firmwarexeon_gold_6254_firmwarexeon_gold_5220_firmwarexeon_d-2123itxeon_platinum_8160txeon_gold_6252_firmwarexeon_gold_6142xeon_gold_6230n_firmwarexeon_bronze_3206rxeon_silver_4208_firmwarexeon_gold_6148xeon_gold_6140_firmwarexeon_gold_6240xeon_d-2161i_firmwarexeon_gold_5220xeon_gold_6126fxeon_platinum_8256_firmwarexeon_gold_6144xeon_platinum_8160f_firmwarexeon_platinum_8170_firmwarexeon_gold_5218r_firmwarexeon_platinum_8176_firmwarexeon_platinum_8268xeon_gold_5118xeon_silver_4114txeon_gold_6240rxeon_silver_4214y_firmwarexeon_gold_6238_firmwarexeon_d-2143itxeon_silver_4209txeon_gold_6152_firmwarexeon_gold_6134_firmwarexeon_silver_4215rxeon_gold_6212ucore_i9-7980xe_firmwarexeon_silver_4215xeon_d-2177nt_firmwarexeon_gold_6230nxeon_gold_6126t_firmwarexeon_gold_6138pxeon_platinum_8160xeon_platinum_8280l_firmwarexeon_gold_5119txeon_gold_6148fxeon_gold_6208uxeon_gold_6130f_firmwarexeon_gold_6242_firmwarexeon_gold_6230r_firmwarexeon_gold_6242xeon_d-2142it_firmwarexeon_gold_6246_firmwarexeon_silver_4112_firmwarexeon_platinum_8260_firmwarexeon_gold_6230t_firmwarexeon_gold_6250_firmwarexeon_gold_5218_firmwarexeon_gold_6130xeon_platinum_8158_firmwarexeon_silver_4210txeon_gold_6244_firmwarexeon_gold_6138t_firmwarexeon_gold_6138_firmwarexeon_gold_6136xeon_platinum_8276_firmwarexeon_platinum_8276xeon_gold_6240_firmwarecore_i9-7960xxeon_gold_5220txeon_gold_6244xeon_gold_6242rxeon_platinum_9242_firmwarexeon_gold_6134xeon_gold_6226rxeon_gold_6258r_firmwarexeon_bronze_3204xeon_gold_6142_firmwarexeon_gold_6230_firmwarexeon_gold_5218b_firmwarexeon_gold_5218bxeon_gold_6248_firmwarexeon_d-2141ixeon_gold_6128xeon_gold_6146xeon_d-2141i_firmwarexeon_silver_4214r_firmwarexeon_silver_4108xeon_gold_6148f_firmwarexeon_gold_6254xeon_gold_5218rxeon_gold_6138p_firmwarexeon_gold_6240yxeon_platinum_8160t_firmwarexeon_gold_5218n_firmwarexeon_gold_6238lxeon_gold_6148_firmwarexeon_platinum_8156_firmwarexeon_gold_6246r_firmwarexeon_gold_6246rxeon_d-2183itxeon_d-2123it_firmwarexeon_gold_6130t_firmwarexeon_gold_6234_firmwarexeon_silver_4114_firmwarecore_i9-7940x_firmwarexeon_gold_6126core_i9-7940xcore_i9-7900x_firmwarexeon_gold_5220r_firmwarexeon_gold_5222xeon_gold_6256xeon_platinum_8260l_firmwarexeon_gold_6248rxeon_silver_4214xeon_gold_6130txeon_platinum_9222xeon_d-2187nt_firmwarexeon_gold_5220sxeon_platinum_8260xeon_platinum_8280lxeon_gold_5118_firmwarexeon_gold_5120t_firmwarexeon_d-2146ntxeon_gold_6138f_firmwarexeon_gold_6128_firmwarexeon_silver_4114xeon_gold_5119t_firmwarexeon_gold_5222_firmwarexeon_platinum_9242xeon_silver_4216xeon_platinum_8180xeon_platinum_8276lxeon_gold_6138txeon_gold_6238txeon_platinum_9221_firmwarexeon_gold_6240r_firmwarexeon_gold_6138xeon_gold_6212u_firmwarexeon_gold_6208u_firmwarexeon_gold_6146_firmwarexeon_gold_6138fcore_i9-7920x_firmwarexeon_gold_6209u_firmwarexeon_platinum_9282_firmwarexeon_gold_5120_firmwarexeon_platinum_8276l_firmwarexeon_gold_6250xeon_platinum_8260lxeon_platinum_8270xeon_gold_6248r_firmwarexeon_gold_6262v_firmwarexeon_gold_6226xeon_gold_6132xeon_silver_4214_firmwarexeon_platinum_8268_firmwarexeon_d-2166ntxeon_gold_6226_firmwarexeon_silver_4210xeon_gold_6250l_firmwarexeon_gold_6234xeon_gold_6142f_firmwarexeon_gold_6130_firmwarexeon_silver_4114t_firmwarexeon_gold_6136_firmwarexeon_gold_6252n_firmwarexeon_gold_6262vxeon_gold_6240y_firmwarexeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_d-2143it_firmwarexeon_gold_6144_firmwarexeon_silver_4116t_firmwarexeon_silver_4210_firmwarexeon_gold_5218xeon_gold_6238rxeon_silver_4110_firmwarexeon_bronze_3204_firmwarexeon_silver_4109t_firmwarexeon_platinum_8170xeon_gold_6222v_firmwarexeon_gold_6154xeon_silver_4110xeon_bronze_3206r_firmwarexeon_gold_6238r_firmwarexeon_platinum_8176xeon_d-2166nt_firmwarexeon_silver_4215r_firmwarexeon_platinum_8164_firmwarexeon_bronze_3104xeon_gold_6242r_firmwarexeon_gold_6152xeon_gold_5217xeon_d-2183it_firmwarexeon_platinum_8153_firmwarexeon_gold_5120txeon_gold_6150core_i9-7980xexeon_gold_6210uxeon_gold_6222vxeon_silver_4216_firmwarexeon_gold_5115xeon_gold_5122xeon_gold_5215l_firmwarexeon_gold_6238t_firmwarexeon_gold_5217_firmwarexeon_gold_6230Intel(R) Xeon(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21180
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.47%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5core_i7-6870hqxeon_e-2286gcore_i7-8670t_firmwarepentium_gold_g5500tcore_i7-7700t_firmwarecore_i3-10100core_i3-7320t_firmwarecore_i7-8850h_firmwarecore_i5-11400core_i7-10510yceleron_g5900t_firmwarexeon_e3-1220_v5core_i5-7y57_firmwarexeon_e-2174g_firmwarecore_i7-10710u_firmwarecore_i9-11900_firmwarexeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_w-1270p_firmwarexeon_e3-1578l_v5_firmwarexeon_e-2246gcore_i9-10900_firmwarecore_i5-6350hqcore_i3-6300txeon_e-2374gcore_i5-8500t_firmwarecore_i7-9700k_firmwarexeon_e-2254ml_firmwarexeon_e-2236xeon_e3-1220_v5_firmwarexeon_e-2374g_firmwarecore_i7-8709g_firmwarepentium_gold_g6605pentium_gold_g6405u_firmwarepentium_gold_g5400tcore_i5-6500tcore_i5-7500core_i7-10875h_firmwarecore_i9-9900kf_firmwarecore_4415uxeon_e3-1545m_v5_firmwarecore_i3-6120core_i7-8709gcore_i5-7440hqxeon_w-10855mxeon_e-2278gepentium_gold_g5600_firmwarecore_i9-11900kfcore_i5-10600t_firmwarepentium_gold_g6505xeon_w-1270xeon_e3-1505l_v6xeon_e-2254me_firmwarecore_i7-11700k_firmwarecore_i5-10300h_firmwarepentium_gold_g6400core_i9-10900tpentium_gold_g5400_firmwarexeon_e-2126gcore_i5-8200ycore_i5-10500t_firmwarecore_i9-10900kcore_i5-10600_firmwarecore_i7-10700tecore_i7-8809g_firmwarecore_i5-11400fcore_i5-10400txeon_w-1290exeon_e3-1235l_v5core_i3-7110u_firmwarecore_5405u_firmwarecore_i7-6820eq_firmwareceleron_g5925_firmwarecore_i7-9700kfpentium_g4420t_firmwarepentium_g4520_firmwarecore_i5-7287u_firmwarexeon_w-1290te_firmwarecore_i3-8000tcore_i5-7600k_firmwarecore_i5-8305g_firmwarecore_i5-10110y_firmwarecore_i5-8650k_firmwarecore_i9-10900te_firmwarecore_i9-11900kcore_i3-8300t_firmwarecore_i3-7167u_firmwarecore_i5-10600kfxeon_w-10855_firmwarecore_i7-10700_firmwarepentium_gold_g6600_firmwarexeon_e-2146gcore_i9-10850hcore_i7-7820eq_firmwarecore_i5-8210y_firmwarecore_i5-9400fpentium_gold_g5420tcore_i7-10700kf_firmwarexeon_e-2286g_firmwarexeon_e3-1515m_v5core_i7-7560uceleron_g3920t_firmwarecore_i7-8550u_firmwarecore_i5-7600txeon_e-2284g_firmwarecore_i5-11600kfcore_i5-8365uceleron_g5900_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240l_v5core_i5-9600kfpentium_g4500xeon_e-2288g_firmwarexeon_e-2276mxeon_e-2224gcore_i5-8600_firmwarecore_i5-8269ucore_i3-8100_firmwarepentium_g4500txeon_e3-1505m_v5core_i5-7600t_firmwarepentium_g4500_firmwarecore_i7-7510uxeon_e3-1535m_v6_firmwarecore_i7-10810ucore_i3-10300tcore_i7-7820hq_firmwarecore_i3-8100pentium_gold_g5500_firmwarepentium_gold_g5500t_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-9600kcore_i5-8265ucore_i9-9900kfxeon_e-2246g_firmwarecore_i7-10700tcore_i5-8650core_i5-6300hqcore_i7-7600u_firmwarecore_i3-6120_firmwarecore_i7-9700kf_firmwarecore_i5-9300hcore_i7-10750hcore_i9-10850kceleron_g3920core_i5-6600t_firmwarecore_i3-7100e_firmwarecore_i5-8500bcore_3865u_firmwarepentium_gold_g6405xeon_e3-1225_v6_firmwarecore_i5-8250u_firmwarecore_i7-7820hk_firmwarexeon_w-1390_firmwarecore_4415ycore_i5-6600core_i3-8100hcore_i5-8400b_firmwarecore_i7-8706gceleron_g3940_firmwarepentium_gold_g6400tcore_i3-6300celeron_g3900core_i3-8120core_i5-7400t_firmwarecore_i9-11900fxeon_e3-1270_v5_firmwarecore_i5-8365u_firmwareceleron_g3902ecore_3865uxeon_w-1300_firmwarecore_i3-8130u_firmwarecore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i3-8350k_firmwarecore_i5-11400_firmwarepentium_gold_g6605_firmwarexeon_e-2134core_i7-10750h_firmwarexeon_w-1290tecore_i7-8557u_firmwarecore_i5-6440eqcore_i9-10980hkxeon_e-2176mcore_i9-10900t_firmwarecore_i7-10700k_firmwarepentium_gold_g6505_firmwarecore_i5-11400f_firmwarecore_i3-10305_firmwarecore_i3-7100u_firmwarexeon_e-2274gcore_i3-10325_firmwarecore_i7-10510y_firmwarecore_i9-11900k_firmwareceleron_g5905t_firmwarexeon_e-2134_firmwarecore_i3-7007u_firmwarecore_i5-7267u_firmwarecore_i7-8500ycore_i5-7640x_firmwarecore_i9-11900t_firmwarexeon_e-2226g_firmwarepentium_g4520core_i5-7400_firmwarecore_i7-6700te_firmwarexeon_w-1370pentium_g4400_firmwareceleron_g3900te_firmwarexeon_e-2174gcore_i5-8600tcore_i7-8510y_firmwarexeon_e3-1585_v5_firmwarecore_i5-7200u_firmwarexeon_e3-1220_v6pentium_gold_g5420_firmwarecore_i7-7y75_firmwarepentium_gold_g6405t_firmwarexeon_e3-1220_v6_firmwareceleron_g3930ecore_i3-10320_firmwareceleron_g4900t_firmwarexeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_e-2274g_firmwarexeon_e3-1225_v6xeon_w-1370pcore_i3-6320t_firmwarexeon_e3-1280_v6core_i3-10320core_i5-8420t_firmwarepentium_gold_g5400xeon_e-2124g_firmwarecore_i3-10105fcore_i3-7120_firmwarexeon_w-1390t_firmwarexeon_e-2224_firmwarecore_i5-6400core_4415u_firmwarecore_i7-10875hcore_i5-6300hq_firmwarepentium_g4420tcore_i3-7101tecore_i7-7700core_i5-10400hcore_i5-6440eq_firmwarecore_i5-7300hqcore_i5-9600kf_firmwarecore_i5-10505_firmwarexeon_w-10885mxeon_e-2224g_firmwarexeon_e3-1505m_v6pentium_gold_g6500_firmwarecore_4410y_firmwarexeon_e3-1535m_v5core_i5-6600kcore_i5-10110yxeon_e3-1505m_v6_firmwarecore_i3-7007uxeon_e-2254mecore_i9-11900kf_firmwarexeon_e3-1505l_v5core_i7-8500y_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i7-6822eq_firmwarecore_i5-6442eq_firmwarecore_i3-6102e_firmwarecore_i3-10105tcore_i9-9900k_firmwarecore_i7-6820hk_firmwarecore_i5-6500tecore_i7-10510u_firmwarecore_i7-7700_firmwarecore_i3-8100h_firmwareceleron_g5905_firmwarecore_i5-6500core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i9-10900kfcore_i9-9980hk_firmwarexeon_e-2144gcore_i3-10100tpentium_gold_g6600core_i7-7700hq_firmwarecore_i5-8300h_firmwarexeon_e3-1270_v6_firmwarecore_i9-9980hkcore_3965y_firmwarecore_i5-8500b_firmwarexeon_e-2244gcore_i3-6102exeon_w-1390tceleron_g3902e_firmwarecore_i7-6770hqcore_i7-10610uxeon_e3-1235l_v5_firmwarecore_i7-9850h_firmwarecore_i7-11700kfpentium_gold_g5420core_i7-11700_firmwarecore_i7-7740xcore_i7-7y75core_i7-8559ucore_i9-10850h_firmwarexeon_e3-1575m_v5core_i5-7210ucore_i5-8550_firmwarexeon_e-2124gcore_i5-11500tcore_i7-8670_firmwarecore_i7-8560ucore_i5-9400pentium_gold_g5600core_i3-6320_firmwarecore_i3-6100e_firmwarexeon_e3-1285_v6_firmwarexeon_w-1290t_firmwarecore_i3-10325xeon_e-2356gcore_i5-8500_firmwarecore_i7-8700core_i3-7130uxeon_e3-1585l_v5_firmwarecore_i5-8400xeon_e3-1585_v5core_i3-10105f_firmwarexeon_e-2334core_i5-7440hq_firmwarecore_i7-9850hcore_i5-7300hq_firmwarecore_i5-8650kxeon_w-1350core_i3-10110u_firmwarecore_i5-7600xeon_e3-1505l_v5_firmwarecore_i7-8750hfxeon_e3-1280_v5_firmwarexeon_w-1290core_i9-11900f_firmwarexeon_e-2186gxeon_e-2314_firmwarecore_i5-8310y_firmwarecore_i3-10110ucore_i7-8665u_firmwarecore_i9-10885h_firmwarexeon_e3-1280_v5core_i7-7567u_firmwarecore_i5-7442eq_firmwarecore_i5-11500_firmwarecore_i7-6770hq_firmwarecore_i7-8569u_firmwarecore_3965ycore_i5-8420_firmwarexeon_w-1350pcore_i9-10900xeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6core_i5-7360uxeon_w-1250core_i5-7300ucore_i3-10300xeon_w-1290p_firmwareceleron_g5925core_i5-7600_firmwarecore_i5-6600tcore_i3-8100t_firmwarexeon_w-1250p_firmwarexeon_e3-1230_v5_firmwarecore_i5-6500t_firmwareceleron_g5920core_i3-7100h_firmwarecore_i7-8565ucore_i7-8670core_4205uxeon_e3-1578l_v5core_3965ucore_i5-8400_firmwarexeon_e-2104g_firmwarexeon_e-2234_firmwarecore_i7-7700kcore_i7-8510ycore_i7-10870hceleron_g3900t_firmwarecore_i7-10510ucore_i3-7320tcore_i3-6300t_firmwarecore_i3-10100fxeon_w-1290ppentium_gold_g5500core_i7-7920hq_firmwareceleron_5305u_firmwareceleron_g4900_firmwareceleron_g3940core_i5-8310ycore_i3-10300_firmwarecore_i5-6440hqcore_i7-9750hf_firmwarexeon_e-2324gcore_i7-6870hq_firmwarecore_i3-6100ecore_i5-7200uxeon_e3-1270_v5core_i3-8000t_firmwarecore_i5-8265u_firmwarecore_i7-6970hq_firmwarepentium_g4520t_firmwarexeon_e-2186m_firmwarecore_i7-6820hqcore_i5-10210ucore_i3-8000_firmwarexeon_e-2234pentium_gold_g5400t_firmwarecore_i5-10500core_i7-7740x_firmwarecore_i5-8400bpentium_gold_g6405tceleron_g5900tcore_i7-8850hcore_i3-7100hcore_i9-8950hk_firmwarecore_i5-8400h_firmwarecore_i5-11600_firmwarexeon_e3-1240_v6_firmwarecore_i5-10400t_firmwarecore_i5-6350hq_firmwarecore_i3-10100_firmwarecore_i9-8950hkxeon_e3-1230_v6core_i9-10900tecore_i5-11600kxeon_e3-1501l_v6xeon_e-2378core_i5-10600tcore_i5-10600kf_firmwarecore_i7-7700k_firmwarecore_i5-7640xcore_i5-7500uxeon_w-1290_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarecore_i5-9400hcore_i9-10900e_firmwarexeon_e-2278g_firmwarexeon_e3-1240_v6celeron_g5205u_firmwarexeon_e3-1230_v5xeon_e3-1240_v5_firmwarepentium_gold_g6505tcore_i7-7660uxeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarecore_i3-6320tcore_i7-7700hqcore_i7-6820hq_firmwarexeon_e-2236_firmwarexeon_e-2244g_firmwarepentium_gold_g6500tcore_i3-10100t_firmwarecore_i7-10700f_firmwarecore_m3-7y30core_i5-8269u_firmwarecore_i3-6100t_firmwarecore_i3-10105xeon_e3-1505l_v6_firmwarexeon_e3-1285_v6pentium_g4400te_firmwareceleron_g4900tceleron_g3900tcore_i5-11400tcore_i7-11700kcore_i9-10900kf_firmwarecore_i7-8550uxeon_e-2276mlxeon_e3-1225_v5_firmwarecore_i7-10810u_firmwarexeon_e3-1245_v6_firmwarexeon_w-1350_firmwarecore_i3-7101e_firmwarecore_i9-9880h_firmwarexeon_e3-1270_v6core_i7-6700hqxeon_e3-1545m_v5core_i5-6500_firmwarecore_i3-7102e_firmwarexeon_e3-1515m_v5_firmwarecore_i3-8300pentium_gold_g6400t_firmwarexeon_e-2334_firmwarexeon_e-2276me_firmwarepentium_g4520tcore_i7-10700kfcore_i5-8400tcore_i5-6440hq_firmwarecore_i5-7500tceleron_g5905xeon_w-1370p_firmwarecore_i5-11600kf_firmwarexeon_e-2136_firmwarexeon_w-1270_firmwarexeon_e-2276mecore_i5-7y54core_i5-7400core_i3-6100te_firmwarecore_i7-8700b_firmwarecore_i5-9400f_firmwarexeon_e-2356g_firmwarecore_i7-8706g_firmwarecore_i3-10305t_firmwarecore_i5-7287uxeon_w-10855m_firmwarexeon_e-2146g_firmwarecore_i7-7660u_firmwarecore_i9-10850k_firmwarecore_i7-7920hqcore_i7-10700core_i5-6600_firmwarexeon_e-2126g_firmwarexeon_w-1350p_firmwarecore_i7-10610u_firmwareceleron_g4920_firmwareceleron_g3920_firmwarecore_i3-7020ucore_i5-11600k_firmwarecore_i3-8145u_firmwarecore_i5-8600k_firmwarexeon_e-2136xeon_w-1270pxeon_e-2378_firmwarecore_i3-8145ucore_i5-10400core_i3-7020u_firmwarecore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i3-7130u_firmwarecore_i7-10870h_firmwarepentium_g4500t_firmwarecore_i7-7820eqcore_i3-6120tcore_i7-7820hqcore_i7-9700kceleron_g4920core_i7-11700kf_firmwarepentium_gold_g6405_firmwarepentium_g4420core_i7-6920hq_firmwarecore_i3-8109ucore_5405ucore_i5-8420tpentium_g4540core_i5-8200y_firmwarexeon_e-2144g_firmwarecore_i7-10700te_firmwarecore_i7-10700exeon_e3-1585l_v5core_i5-8350uceleron_g5305uxeon_e3-1275_v5core_i7-8750h_firmwarecore_i3-10100teceleron_g5205uxeon_e3-1558l_v5_firmwarepentium_gold_g5420t_firmwarecore_i5-10210u_firmwarexeon_e-2388gxeon_e-2226gcore_i5-7y57core_i7-6700teceleron_g5905tcore_i3-10100te_firmwarecore_i3-6120t_firmwarecore_i5-7260uxeon_e-2278gcore_i5-10600k_firmwarecore_i9-10900ecore_i5-8259u_firmwarexeon_e-2124core_i5-8250ucore_i5-8600xeon_e-2186g_firmwarepentium_g4540_firmwarecore_m3-8100y_firmwarecore_3965u_firmwarecore_i5-10500tecore_i7-6700_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarecore_4205u_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarexeon_e-2184g_firmwarecore_i3-6100tecore_i3-8000core_i7-11700core_i5-11500celeron_g3900tecore_i7-8700bpentium_g4400t_firmwarecore_i5-10500tcore_i5-10600xeon_e3-1240l_v5_firmwarecore_i5-10500_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5core_i5-10310ycore_i5-10310y_firmwarepentium_gold_g6500t_firmwarecore_i5-8259ucore_i5-11500t_firmwarexeon_e-2388g_firmwarepentium_gold_g6405ucore_i7-10700kxeon_e-2336xeon_e3-1575m_v5_firmwarexeon_e3-1225_v5core_i3-8109u_firmwarexeon_e-2186mxeon_e3-1558l_v5core_i5-11600t_firmwarecore_i9-9880hcore_i7-8705g_firmwarexeon_e-2286mcore_i5-7442eqxeon_w-1300core_i5-6400_firmwarecore_i3-8130ucore_i5-7500u_firmwarecore_i3-7167ucore_i3-8300tcore_i3-7340core_i5-11600tcore_i7-8650ucore_i5-10200hxeon_e3-1268l_v5xeon_e-2284gcore_i7-8705gcore_i9-9900kcore_i5-10400fxeon_e-2324g_firmwarecore_i7-7600uxeon_e-2278ge_firmwarecore_i3-7100epentium_gold_g6400_firmwarexeon_w-10855core_i5-9400_firmwarecore_i7-7510u_firmwarexeon_e3-1535m_v6core_i3-7101exeon_w-10885m_firmwarexeon_e-2276m_firmwarecore_i5-8400t_firmwarecore_i5-8400hxeon_e-2286m_firmwarexeon_e3-1245_v5core_i3-7120xeon_e3-1501m_v6_firmwarecore_i7-9750hfxeon_e-2176g_firmwarecore_i7-7820hkcore_i5-9300h_firmwarexeon_e-2254mlcore_i5-8305gcore_i3-6100celeron_g5900xeon_w-1390celeron_g3930tecore_i7-11700t_firmwarecore_i5-7400tcore_i5-11600core_i7-8750hcore_i3-6100tcore_i7-11700fcore_i7-8665ucore_i3-10305tcore_i5-7210u_firmwarexeon_e3-1275_v6_firmwarecore_i5-8300hxeon_w-1370_firmwarecore_i3-7101te_firmwarecore_i5-7440eq_firmwarecore_i5-8420core_i5-7360u_firmwarecore_i3-8350kcore_i5-10600kcore_i7-10850hcore_i3-7120tcore_i3-8120_firmwarecore_i7-8560u_firmwarecore_i5-10500te_firmwarecore_i3-8020_firmwarexeon_w-1290e_firmwarecore_i5-7y54_firmwarecore_i3-10300t_firmwarexeon_e3-1280_v6_firmwarexeon_w-1390p_firmwarecore_i5-8550core_i3-10100f_firmwarecore_i9-10900f_firmwarecore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100ucore_i5-6442eqcore_i7-8700tcore_i7-6700k_firmwarecore_i5-7260u_firmwarecore_i7-11700txeon_e3-1245_v5_firmwarecore_i5-7300u_firmwarecore_i7-8700t_firmwarecore_i7-10700e_firmwarecore_i5-6500te_firmwarecore_i3-7120t_firmwarecore_i5-8600t_firmwarecore_i7-6700kcore_i7-6970hqcore_i3-7340_firmwarecore_i7-6822eqcore_i5-8500xeon_e-2184gcore_i9-11900tcore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwarepentium_g4420_firmwarecore_i7-8565u_firmwarecore_i7-8569ucore_i5-11400t_firmwarecore_i7-10700t_firmwarecore_i7-7700txeon_e3-1240_v5xeon_e-2336_firmwarexeon_w-1290tceleron_g3930te_firmwarecore_i7-8809gcore_i5-8500tcore_i3-10105_firmwarecore_i7-8650u_firmwarexeon_e3-1501m_v6core_i5-6400t_firmwarecore_i3-6300_firmwarecore_i7-10850h_firmwarexeon_e3-1535m_v5_firmwarexeon_e-2314core_i3-7110ucore_i5-6400tcore_i3-10305pentium_g4400tecore_i3-6100h_firmwarecore_i7-8700_firmwarexeon_w-1390pcore_i3-8300_firmwarecore_i5-8650_firmwareceleron_g3920tcore_i5-10505core_i7-6700core_i7-6820eqcore_i7-6920hqpentium_g4400tcore_i7-6820hkcore_i7-7560u_firmwarecore_i5-7600kpentium_g4400core_m3-7y30_firmwarecore_i7-10710ucore_i5-10210ycore_i5-10300hcore_i5-8350u_firmwarexeon_e-2276g_firmwarecore_i3-8020celeron_g5920_firmwareceleron_g3930e_firmwarexeon_e-2224pentium_gold_g6500xeon_e-2124_firmwareceleron_5305ucore_i7-11700f_firmwarexeon_w-1250_firmwarecore_i5-7500t_firmwarecore_i9-10900fceleron_g4900xeon_e-2278gelxeon_e3-1245_v6xeon_e-2378gcore_i3-8100tcore_i5-10200h_firmwarecore_i3-6100_firmwarecore_4410ycore_i9-10980hk_firmwarecore_i7-8670tcore_i5-10400_firmwarecore_i5-6600k_firmwarecore_i7-6700hq_firmwarexeon_e-2104gcore_i3-7102epentium_gold_g6505t_firmwarexeon_e3-1268l_v5_firmwarecore_4415y_firmwarexeon_e-2276gceleron_g5305u_firmwareceleron_g3900_firmwarecore_i7-10700fcore_i5-9600k_firmwarecore_i9-10900k_firmwarecore_i7-8750hf_firmwareIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20129
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 3.17%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 13:00
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-217934478

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found