Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-5147

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-25 Jan, 2020 | 17:53
Updated At-04 Aug, 2024 | 19:47
Rejected At-
Credits

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:25 Jan, 2020 | 17:53
Updated At:04 Aug, 2024 | 19:47
Rejected At:
▼CVE Numbering Authority (CNA)

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Affected Products
Vendor
n/a
Product
AMD
Versions
Affected
  • AMD ATIDXX64.DLL (26.20.13003.1007) running on Radeon RX 550 / 550 Series VMware Workstation 15 (15.5.0 build-14665864) with Windows 10 x64 as guestVM
Problem Types
TypeCWE IDDescription
textN/Aout of bounds read
Type: text
CWE ID: N/A
Description: out of bounds read
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936
x_refsource_MISC
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936
x_refsource_MISC
x_transferred
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:25 Jan, 2020 | 18:15
Updated At:27 Jan, 2020 | 18:51

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.6HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Advanced Micro Devices, Inc.
amd
>>atidxx64>>26.20.13003.1007
cpe:2.3:a:amd:atidxx64:26.20.13003.1007:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>workstation>>15.0
cpe:2.3:a:vmware:workstation:15.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936talos-cna@cisco.com
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0936
Source: talos-cna@cisco.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

115Records found
CVE-2019-5146
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-0.45% / 62.52%
||
7 Day CHG~0.00%
Published-25 Jan, 2020 | 17:53
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.VMware (Broadcom Inc.)
Product-workstationatidxx64AMD
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5098
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-0.57% / 67.61%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 17:24
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.VMware (Broadcom Inc.)Microsoft Corporation
Product-workstationradeon_rx_550_firmwareradeon_550_firmwareradeon_rx_550radeon_550windows_10AMD ATI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5124
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-0.45% / 62.52%
||
7 Day CHG~0.00%
Published-25 Jan, 2020 | 17:53
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.VMware (Broadcom Inc.)
Product-workstationatidxx64AMD
CWE ID-CWE-125
Out-of-bounds Read
CVE-2011-1785
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.29% / 89.63%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-esxiesxn/a
CVE-2011-0355
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.79% / 81.95%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

Action-Not Available
Vendor-n/aCisco Systems, Inc.VMware (Broadcom Inc.)
Product-1000v_virtual_ethernet_module_\(vem\)esxiesxn/a
CVE-2010-4251
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.15% / 83.55%
||
7 Day CHG~0.00%
Published-26 May, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.

Action-Not Available
Vendor-n/aRed Hat, Inc.VMware (Broadcom Inc.)Linux Kernel Organization, Inc
Product-linux_kernelenterprise_linuxesxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2009-3282
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 62.33%
||
7 Day CHG~0.00%
Published-16 Oct, 2009 | 16:00
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.VMware (Broadcom Inc.)
Product-fusionmac_os_xn/a
CWE ID-CWE-189
Not Available
CVE-2015-2341
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-13 Jun, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-playerfusionworkstationn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26338
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-16 Nov, 2021 | 17:53
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7443_firmwareepyc_7402pepyc_7343epyc_7252_firmwareepyc_7543_firmwareepyc_7282_firmwareepyc_7542_firmwareepyc_7f32epyc_7763_firmwareepyc_7272_firmwareepyc_7713pepyc_7443epyc_7513epyc_7313p_firmwareepyc_7252epyc_7502pepyc_7232p_firmwareepyc_7702epyc_7302p_firmwareepyc_7453epyc_7642_firmwareepyc_7h12epyc_7452epyc_7513_firmwareepyc_7543p_firmwareepyc_7542epyc_7302epyc_7413_firmwareepyc_7h12_firmwareepyc_7232pepyc_7643_firmwareepyc_7f52epyc_7663epyc_7552_firmwareepyc_75f3epyc_72f3_firmwareepyc_7f72epyc_7f32_firmwareepyc_7662epyc_7f72_firmwareepyc_7662_firmwareepyc_7502epyc_75f3_firmwareepyc_7642epyc_7343_firmwareepyc_7532_firmwareepyc_7502p_firmwareepyc_7413epyc_7313pepyc_7313epyc_7663_firmwareepyc_7552epyc_7302pepyc_7702p_firmwareepyc_74f3_firmwareepyc_7352epyc_7302_firmwareepyc_7763epyc_7713_firmwareepyc_7402_firmwareepyc_7742epyc_7713p_firmwareepyc_7272epyc_73f3_firmwareepyc_7702pepyc_7f52_firmwareepyc_7262epyc_7713epyc_7443p_firmwareepyc_72f3epyc_7643epyc_7452_firmwareepyc_7402p_firmwareepyc_7543pepyc_7313_firmwareepyc_7443pepyc_7742_firmwareepyc_7453_firmwareepyc_7282epyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7532epyc_73f32nd Gen AMD EPYC™3rd Gen AMD EPYC™
CWE ID-CWE-284
Improper Access Control
CVE-2012-6326
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.06%
||
7 Day CHG~0.00%
Published-22 Feb, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-vcenter_servervcenter_server_appliancen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1364
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.80% / 82.03%
||
7 Day CHG~0.00%
Published-20 Mar, 2008 | 00:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationvmware_workstationacevmware_serverserverplayern/a
CWE ID-CWE-399
Not Available
CVE-2012-3289
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.45% / 62.61%
||
7 Day CHG~0.00%
Published-14 Jun, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-playeresxworkstationesxin/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-1877
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.15% / 77.60%
||
7 Day CHG~0.00%
Published-02 May, 2007 | 19:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationn/a
CVE-2007-1337
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.17% / 77.81%
||
7 Day CHG~0.00%
Published-02 May, 2007 | 19:00
Updated-07 Aug, 2024 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationn/a
CVE-2007-1069
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.20% / 78.03%
||
7 Day CHG~0.00%
Published-02 May, 2007 | 19:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF).

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationn/a
CVE-2020-12988
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 21:50
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7371_firmwareepyc_7443_firmwareepyc_7402pepyc_7261epyc_7451epyc_7282_firmwareepyc_7343epyc_7252_firmwareepyc_7543_firmwareepyc_7f32epyc_7542_firmwareepyc_7551_firmwareepyc_7763_firmwareepyc_7272_firmwareepyc_7713pepyc_7443epyc_7513epyc_7313p_firmwareepyc_7252epyc_7502pepyc_7232p_firmwareepyc_7702epyc_7302p_firmwareepyc_7351p_firmwareepyc_7453epyc_7642_firmwareepyc_7452epyc_7h12epyc_7513_firmwareepyc_7543p_firmwareepyc_7542epyc_7401pepyc_7281_firmwareepyc_7413_firmwareepyc_7h12_firmwareepyc_7302epyc_7601epyc_7232pepyc_7002epyc_7643_firmwareepyc_7f52epyc_7663epyc_7552_firmwareepyc_75f3epyc_72f3_firmwareepyc_7371epyc_7001epyc_7f72epyc_7f32_firmwareepyc_7662epyc_7502epyc_7001_firmwareepyc_75f3_firmwareepyc_7662_firmwareepyc_7f72_firmwareepyc_7642epyc_7451_firmwareepyc_7343_firmwareepyc_7532_firmwareepyc_7281epyc_7551epyc_7502p_firmwareepyc_7413epyc_7301epyc_7551pepyc_7313pepyc_7401p_firmwareepyc_7002_firmwareepyc_7313epyc_7351pepyc_7551p_firmwareepyc_7663_firmwareepyc_7601_firmwareepyc_7351_firmwareepyc_7251epyc_7532epyc_7552epyc_7302pepyc_7702p_firmwareepyc_74f3_firmwareepyc_7352epyc_7302_firmwareepyc_7763epyc_7401epyc_7713_firmwareepyc_7402_firmwareepyc_7742epyc_7713p_firmwareepyc_7272epyc_73f3_firmwareepyc_7702pepyc_7f52_firmwareepyc_7262epyc_7713epyc_7003_firmwareepyc_7443p_firmwareepyc_7003epyc_7251_firmwareepyc_7401_firmwareepyc_72f3epyc_7643epyc_7402p_firmwareepyc_7452_firmwareepyc_7351epyc_7261_firmwareepyc_7313_firmwareepyc_7543pepyc_7443pepyc_7742_firmwareepyc_7453_firmwareepyc_7282epyc_7501epyc_7501_firmwareepyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7301_firmwareepyc_73f31st/2nd/3rd Gen AMD EPYC™ Processors
CVE-2021-21989
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.39%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 11:43
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)Microsoft Corporation
Product-workstationwindowshorizon_clientVMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20896
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-5.9||MEDIUM
EPSS-0.29% / 51.90%
||
7 Day CHG~0.00%
Published-22 Jun, 2023 | 12:00
Updated-13 Feb, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-vcenter_serverVMware Cloud Foundation (vCenter Server)VMware vCenter Server (vCenter Server)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20870
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-6||MEDIUM
EPSS-0.07% / 23.08%
||
7 Day CHG~0.00%
Published-25 Apr, 2023 | 00:00
Updated-04 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationfusionVMware Workstation Pro / Player (Workstation) and VMware Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6967
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-8.1||HIGH
EPSS-0.39% / 59.36%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 20:00
Updated-17 Sep, 2024 | 03:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6966.

Action-Not Available
Vendor-Apple Inc.VMware (Broadcom Inc.)
Product-workstationfusionesximac_os_xVMware ESXi, Workstation, and Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6974
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.58%
||
7 Day CHG~0.00%
Published-16 Oct, 2018 | 20:00
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

Action-Not Available
Vendor-Apple Inc.VMware (Broadcom Inc.)
Product-mac_os_xworkstationesxifusionFusionESXiWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6965
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-8.1||HIGH
EPSS-0.39% / 59.36%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 20:00
Updated-17 Sep, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6966 and CVE-2018-6967.

Action-Not Available
Vendor-Apple Inc.VMware (Broadcom Inc.)
Product-mac_os_xworkstationesxifusionVMware ESXi, Workstation, and Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6970
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-6.5||MEDIUM
EPSS-0.90% / 74.76%
||
7 Day CHG~0.00%
Published-13 Aug, 2018 | 21:00
Updated-17 Sep, 2024 | 02:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_clienthorizon_viewVMware Horizon 6, Horizon 7, and Horizon Client
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6969
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7||HIGH
EPSS-0.07% / 22.66%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 13:00
Updated-17 Sep, 2024 | 03:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-toolsVMware Tools
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6966
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-8.1||HIGH
EPSS-0.39% / 59.36%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 20:00
Updated-16 Sep, 2024 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967.

Action-Not Available
Vendor-Apple Inc.VMware (Broadcom Inc.)
Product-workstationfusionesximac_os_xVMware ESXi, Workstation, and Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-0180
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-7.1||HIGH
EPSS-0.09% / 26.36%
||
7 Day CHG+0.03%
Published-01 Apr, 2023 | 04:28
Updated-13 Feb, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.

Action-Not Available
Vendor-Red Hat, Inc.Linux Kernel Organization, IncVMware (Broadcom Inc.)Citrix (Cloud Software Group, Inc.)NVIDIA Corporation
Product-linux_kernelenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisorvspherevGPU software (guest driver - Linux), vGPU software (Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM), NVIDIA Cloud Gaming (guest driver - Linux), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-22251
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 18.86%
||
7 Day CHG~0.00%
Published-27 Feb, 2024 | 17:35
Updated-10 Jun, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read vulnerability

VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.VMware (Broadcom Inc.)
Product-fusionmacosworkstationVMware WorkstationVMware Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-26384
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.98%
||
7 Day CHG-0.01%
Published-14 Jul, 2022 | 19:28
Updated-16 Sep, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_3_3200u_firmwareryzen_5_2700x_firmwareryzen_3_3450uryzen_5_5600hathlon_silver_3050u_firmwareryzen_3_3300uryzen_3_3550hryzen_5_5600gryzen_3_5425cryzen_3_5425u_firmwareryzen_5_5600uryzen_5_2500uryzen_9_5980hxryzen_3_3750hryzen_3_2300u_firmwareryzen_7_5800hsryzen_9_5900hx_firmwareryzen_5_5600hsryzen_3_5300geryzen_3_2300uryzen_5_5600geryzen_7_5825uryzen_5_2600xryzen_7_5825u_firmwareryzen_3_3550h_firmwareryzen_3_5300ge_firmwareryzen_5_5625uryzen_7_2700u_firmwareryzen_7_5700geryzen_5_2700ryzen_3_3780u_firmwareryzen_3_5125cryzen_7_2800h_firmwareryzen_5_2700_firmwareryzen_3_3500u_firmwareryzen_3_3700cryzen_5_5560uryzen_9_5900hs_firmwareryzen_5_5600u_firmwareryzen_5_2500u_firmwareryzen_7_5700g_firmwareryzen_3_2200u_firmwareryzen_9_5900hsryzen_3_2200uryzen_7_2700xryzen_3_3500cryzen_3_3500uryzen_7_5700gryzen_9_5980hsryzen_3_5300g_firmwareryzen_3_5125c_firmwareryzen_7_5800u_firmwareryzen_3_3200uryzen_7_5825c_firmwareryzen_5_2600ryzen_7_5800h_firmwareryzen_7_2700ryzen_7_2700x_firmwareryzen_5_5625c_firmwareryzen_3_3580u_firmwareathlon_silver_3050uryzen_3_3700u_firmwareryzen_5_2600hryzen_5_5625cryzen_3_5425uryzen_9_5980hx_firmwareryzen_5_5560u_firmwareryzen_7_2700uryzen_3_3750h_firmwareryzen_3_5400uryzen_3_3580uryzen_7_5825cryzen_3_3500c_firmwareryzen_7_5800uryzen_7_2800hryzen_5_2600h_firmwareryzen_3_3700uryzen_9_5900hxryzen_3_3700c_firmwareryzen_3_3250uryzen_5_5600g_firmwareryzen_9_5980hs_firmwareryzen_5_2600x_firmwareryzen_3_5300gathlon_gold_3150u_firmwareryzen_5_5600ge_firmwareryzen_5_5600hs_firmwareryzen_7_2700_firmwareryzen_3_5425c_firmwareathlon_gold_3150uryzen_5_5600h_firmwareryzen_3_3350u_firmwareryzen_5_2700xryzen_7_5800hryzen_3_5400u_firmwareryzen_5_2600_firmwareryzen_3_3780uryzen_3_3250u_firmwareryzen_3_3300u_firmwareryzen_3_3450u_firmwareryzen_7_5800hs_firmwareryzen_5_5625u_firmwareryzen_7_5700ge_firmwareryzen_3_3350uAthlon™ SeriesRyzen™ Series
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12904
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.62%
||
7 Day CHG~0.00%
Published-15 Nov, 2021 | 15:12
Updated-16 Sep, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-radeon_softwarewindows_10AMD Radeon Software
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-26388
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.28%
||
7 Day CHG+0.01%
Published-11 May, 2022 | 16:29
Updated-16 Sep, 2024 | 23:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_9_5900xepyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_7282_firmwareepyc_7f32epyc_7272_firmwareepyc_7713pepyc_7573xryzen_3_3100_firmwareepyc_7513ryzen_threadripper_2950x_firmwareryzen_9_5900x_firmwareryzen_5_2500uepyc_7232p_firmwareryzen_9_5980hxepyc_7702ryzen_7_5800hsryzen_threadripper_pro_5955wx_firmwareryzen_5_5600xryzen_threadripper_pro_5995wxepyc_7453ryzen_5_5600hsryzen_3_2300uepyc_7373xryzen_7_5825uepyc_7513_firmwareryzen_7_5825u_firmwareepyc_7542epyc_7413_firmwareryzen_threadripper_3960x_firmwareryzen_7_5800x3d_firmwareryzen_threadripper_3960xryzen_threadripper_2950xryzen_5_2700_firmwareryzen_threadripper_pro_3975wxepyc_7643_firmwareryzen_threadripper_1950x_firmwareryzen_5_5560uepyc_7f52epyc_75f3ryzen_threadripper_pro_5945wxepyc_7373x_firmwareryzen_5_2500u_firmwareepyc_7f32_firmwareryzen_3_3100epyc_7502epyc_7662_firmwareepyc_7f72_firmwareepyc_75f3_firmwareepyc_7473x_firmwareepyc_7343_firmwareryzen_7_5700u_firmwareryzen_3_2200u_firmwareryzen_threadripper_1900x_firmwareryzen_9_5900hsryzen_3_2200uepyc_7313pryzen_7_5700gryzen_threadripper_2920xryzen_9_5980hsryzen_3_5125c_firmwareepyc_7573x_firmwareryzen_5_5500u_firmwareryzen_7_2700x_firmwareryzen_7_2700ryzen_threadripper_pro_5965wx_firmwareryzen_3_3300xryzen_7_5800h_firmwareepyc_7352ryzen_5_2600hepyc_7713_firmwareepyc_7742ryzen_5_5500epyc_7272ryzen_7_2700uryzen_3_5400uepyc_7713epyc_7443p_firmwareryzen_5_5600_firmwareryzen_7_5800xryzen_7_2800hepyc_7773xryzen_threadripper_3990x_firmwareryzen_5_2600x_firmwareryzen_5_5600x_firmwareryzen_7_5800x3dryzen_9_5980hs_firmwareryzen_threadripper_3990xryzen_5_5600hs_firmwareryzen_7_2700_firmwareryzen_5_5600h_firmwareryzen_threadripper_pro_5955wxryzen_5_5500uryzen_3_5400u_firmwareepyc_7742_firmwareryzen_9_5950xryzen_5_5500_firmwareryzen_threadripper_2990wx_firmwareryzen_3_3200u_firmwareryzen_3_3300x_firmwareepyc_7402pepyc_7343ryzen_5_5600hepyc_7252_firmwareryzen_threadripper_1920x_firmwareryzen_3_5300u_firmwareepyc_7542_firmwareepyc_7763_firmwareryzen_3_5300uryzen_threadripper_pro_5945wx_firmwareryzen_5_5600gryzen_3_5425u_firmwareepyc_7313p_firmwareepyc_7252epyc_7502pryzen_threadripper_1900xryzen_5_5600uryzen_threadripper_pro_5975wxepyc_7302p_firmwareryzen_3_2300u_firmwareryzen_9_5900hx_firmwareryzen_9_5950x_firmwareepyc_7642_firmwareryzen_threadripper_2970wxepyc_7452ryzen_7_5800x_firmwareepyc_7543p_firmwareryzen_5_2600xryzen_7_2700u_firmwareryzen_5_5625uryzen_threadripper_2920x_firmwareepyc_7302ryzen_5_2700ryzen_7_5700uryzen_3_5125cryzen_7_2800h_firmwareepyc_7232pryzen_threadripper_1950xryzen_threadripper_pro_3945wx_firmwareryzen_9_5900hs_firmwareepyc_7663ryzen_5_5600u_firmwareepyc_7552_firmwareepyc_7773x_firmwareepyc_72f3_firmwareepyc_7f72epyc_7662ryzen_7_5700g_firmwareepyc_7642epyc_7473xryzen_threadripper_2970wx_firmwareryzen_threadripper_pro_5975wx_firmwareepyc_7532_firmwareryzen_threadripper_pro_3995wxepyc_7502p_firmwareepyc_7413ryzen_7_2700xryzen_7_5700x_firmwareepyc_7663_firmwareryzen_threadripper_pro_3955wxryzen_7_5800u_firmwareryzen_3_3200uepyc_7552epyc_7302pepyc_7702p_firmwareryzen_3_3300epyc_74f3_firmwareryzen_3_5425uepyc_7302_firmwareepyc_7763ryzen_threadripper_pro_3955wx_firmwareryzen_5_5560u_firmwareepyc_7402_firmwareryzen_9_5980hx_firmwareepyc_7713p_firmwareryzen_threadripper_1920xepyc_73f3_firmwareepyc_7702pryzen_threadripper_pro_3995wx_firmwareepyc_7f52_firmwareepyc_7262ryzen_5_2600h_firmwareryzen_threadripper_pro_5965wxryzen_7_5800uryzen_9_5900hxryzen_3_3250uryzen_5_5600g_firmwareepyc_72f3epyc_7643epyc_7402p_firmwareepyc_7452_firmwareryzen_threadripper_2990wxryzen_5_5600ryzen_threadripper_3970xryzen_7_5800hepyc_7543pepyc_7443pryzen_threadripper_3970x_firmwareryzen_threadripper_pro_3945wxryzen_3_3250u_firmwareepyc_7453_firmwareryzen_threadripper_pro_3975wx_firmwareepyc_7282ryzen_7_5800hs_firmwareryzen_threadripper_pro_5995wx_firmwareepyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7532ryzen_5_5625u_firmwareryzen_7_5700xepyc_73f3Athlon™ SeriesRyzen™ SeriesEPYC™ Processors
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-26345
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-1.9||LOW
EPSS-0.03% / 5.78%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:53
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7502_firmwareepyc_7402epyc_7262_firmwareepyc_9254_firmwareepyc_7282_firmwareepyc_9354pepyc_7f32epyc_7272_firmwareepyc_7573xepyc_7713pepyc_7443epyc_7513epyc_7643pepyc_9684x_firmwareepyc_7232p_firmwareepyc_9534epyc_7702epyc_7203_firmwareepyc_7453epyc_7373xepyc_8224pepyc_7513_firmwareepyc_9334_firmwareepyc_8124pn_firmwareepyc_9454p_firmwareepyc_7542epyc_7303p_firmwareepyc_8024pn_firmwareepyc_9454epyc_7413_firmwareepyc_7h12_firmwareepyc_9754_firmwareepyc_9534_firmwareepyc_9384x_firmwareepyc_8024pnepyc_7643_firmwareepyc_7f52epyc_9274f_firmwareepyc_75f3epyc_7373x_firmwareepyc_7f32_firmwareepyc_7f72_firmwareepyc_7662_firmwareepyc_7502epyc_75f3_firmwareepyc_9184x_firmwareepyc_7473x_firmwareepyc_7343_firmwareepyc_8024pepyc_9754s_firmwareepyc_8434pepyc_9634_firmwareepyc_8434p_firmwareepyc_7643p_firmwareepyc_9174f_firmwareepyc_7313pepyc_9124_firmwareepyc_7573x_firmwareepyc_7352epyc_7303pepyc_7713_firmwareepyc_8224pnepyc_7742epyc_7272epyc_9254epyc_7203p_firmwareepyc_7713epyc_9474f_firmwareepyc_7443p_firmwareepyc_7773xepyc_8124pepyc_8324pn_firmwareepyc_9634epyc_9554p_firmwareepyc_8324p_firmwareepyc_7742_firmwareepyc_8024p_firmwareepyc_8124p_firmwareepyc_7663pepyc_7443_firmwareepyc_7402pepyc_7343epyc_7252_firmwareepyc_7543_firmwareepyc_7542_firmwareepyc_7763_firmwareepyc_9274fepyc_8534p_firmwareepyc_9734epyc_9454pepyc_9734_firmwareepyc_8124pnepyc_7313p_firmwareepyc_7252epyc_7502pepyc_7302p_firmwareepyc_9124epyc_7663p_firmwareepyc_9354epyc_7642_firmwareepyc_7h12epyc_7452epyc_7543p_firmwareepyc_9374f_firmwareepyc_9554_firmwareepyc_7302epyc_8534pnepyc_7232pepyc_7203epyc_7663epyc_7552_firmwareepyc_7773x_firmwareepyc_72f3_firmwareepyc_8224p_firmwareepyc_7f72epyc_9174fepyc_7662epyc_7642epyc_7473xepyc_8534pn_firmwareepyc_9754epyc_8534pepyc_7532_firmwareepyc_7502p_firmwareepyc_7413epyc_9654_firmwareepyc_9384xepyc_9554pepyc_9654epyc_9684xepyc_7313epyc_7663_firmwareepyc_9474fepyc_7303_firmwareepyc_9754sepyc_7552epyc_7302pepyc_7702p_firmwareepyc_74f3_firmwareepyc_9654pepyc_7302_firmwareepyc_7763epyc_9454_firmwareepyc_9374fepyc_7402_firmwareepyc_7713p_firmwareepyc_73f3_firmwareepyc_7702pepyc_9654p_firmwareepyc_7f52_firmwareepyc_7262epyc_9334epyc_7203pepyc_8434pn_firmwareepyc_8324pepyc_72f3epyc_7643epyc_9354_firmwareepyc_7452_firmwareepyc_7402p_firmwareepyc_9354p_firmwareepyc_8434pnepyc_9224_firmwareepyc_7313_firmwareepyc_7543pepyc_8224pn_firmwareepyc_7443pepyc_8324pnepyc_9184xepyc_7453_firmwareepyc_7282epyc_9224epyc_7303epyc_7702_firmwareepyc_7352_firmwareepyc_74f3epyc_7532epyc_9554epyc_73f34th Gen AMD EPYC™ ProcessorsAMD EPYC™ Embedded 70033rd Gen AMD EPYC™ Processors2nd Gen AMD EPYC™ ProcessorsAMD EPYC™ Embedded 7002
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-26365
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-8.2||HIGH
EPSS-0.17% / 39.17%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 18:58
Updated-28 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_3_2300u_firmwareryzen_7_5700x_firmwareryzen_9_6900hxryzen_3_3250c_firmwareryzen_5_6600hsryzen_3_5300gryzen_7_6800u_firmwareryzen_7_5700uryzen_5_6600uryzen_5_5600_firmwareryzen_5_6600hs_firmwareamd_3015ceryzen_5_5600x_firmwareryzen_9_6980hx_firmwareryzen_5_3400gryzen_7_2700uryzen_5_6600u_firmwareryzen_7_5800xryzen_5_pro_3400geryzen_5_5600gryzen_5_pro_3350g_firmwareryzen_7_6800hsryzen_3_2300uryzen_7_5700xryzen_7_5800x3d_firmwareryzen_5_5600xryzen_3_pro_3200gryzen_9_6980hs_firmwareamd_3015eryzen_3_5300g_firmwareryzen_3_2200g_firmwareryzen_5_2500u_firmwareryzen_5_pro_3400g_firmwareryzen_5_2600hryzen_3_pro_3200ge_firmwareryzen_9_6980hxryzen_3_3200geryzen_3_3250u_firmwareryzen_7_2800hryzen_5_5600ge_firmwareryzen_5_5600ryzen_5_2400ge_firmwareryzen_5_pro_3350ge_firmwareryzen_5_5500_firmwareryzen_9_6900hsryzen_7_5700u_firmwareryzen_5_3400g_firmwareryzen_3_5300ge_firmwareryzen_3_2200u_firmwareryzen_9_5900ryzen_9_5900x_firmwareryzen_5_2400g_firmwareryzen_3_3200u_firmwareryzen_5_6600h_firmwareryzen_5_pro_3350geryzen_5_2600h_firmwareryzen_7_5700ge_firmwareryzen_3_2200gryzen_3_3200ge_firmwareryzen_5_5500uryzen_7_5800_firmwareryzen_5_pro_3400gryzen_3_5300u_firmwareryzen_7_5700geryzen_5_2500uryzen_3_3200g_firmwareryzen_7_5800x_firmwareryzen_5_pro_3350gryzen_7_5800x3damd_3015e_firmwareryzen_7_2800h_firmwareryzen_9_5900_firmwareryzen_7_5800ryzen_7_6800uamd_3015ce_firmwareryzen_9_6900hx_firmwareryzen_5_6600hryzen_3_3250uryzen_7_6800h_firmwareryzen_3_2200geryzen_5_5600geryzen_5_5600g_firmwareryzen_5_5500u_firmwareryzen_9_6980hsryzen_5_pro_3400ge_firmwareryzen_5_2400gryzen_9_5950xryzen_3_pro_2100ge_firmwareryzen_9_5900xryzen_3_3200gryzen_3_2200ge_firmwareryzen_7_2700u_firmwareryzen_7_6800hs_firmwareryzen_9_5950x_firmwareryzen_5_2400geryzen_3_5300uryzen_3_pro_2100geryzen_5_5500ryzen_9_6900hs_firmwareryzen_7_5700gryzen_7_6800hryzen_3_3200uryzen_3_3250cryzen_3_pro_3200geryzen_3_pro_3200g_firmwareryzen_3_5300geryzen_3_2200uryzen_7_5700g_firmwareAthlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPRyzen™ 2000 series Desktop Processors “Raven Ridge” AM4Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”Ryzen™ 6000 Series Mobile Processors "Rembrandt"
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-21995
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.22%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 18:05
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-esxicloud_foundationVMware ESXi and VMware Cloud Foundation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34044
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.1||HIGH
EPSS-0.06% / 18.17%
||
7 Day CHG~0.00%
Published-20 Oct, 2023 | 08:56
Updated-02 Aug, 2024 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information disclosure vulnerability in bluetooth device-sharing functionality

VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.

Action-Not Available
Vendor-Apple Inc.VMware (Broadcom Inc.)
Product-workstationfusionmac_os_xFusionWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1063
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.06%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 15:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

Action-Not Available
Vendor-nutanixVMware (Broadcom Inc.)NVIDIA CorporationCitrix (Cloud Software Group, Inc.)Red Hat, Inc.
Product-enterprise_linux_kernel-based_virtual_machinehypervisorvirtual_gpu_managervsphereahvNVIDIA Virtual GPU Manager
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4948
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.1||HIGH
EPSS-0.04% / 11.03%
||
7 Day CHG~0.00%
Published-05 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 23:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-workstationhorizon_viewHorizon Client for WindowsWorkstation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-34684
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 19.75%
||
7 Day CHG~0.00%
Published-30 Dec, 2022 | 00:00
Updated-10 Apr, 2025 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.

Action-Not Available
Vendor-NVIDIA CorporationRed Hat, Inc.VMware (Broadcom Inc.)Citrix (Cloud Software Group, Inc.)Linux Kernel Organization, Inc
Product-linux_kernelgpu_display_driverenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisornvsteslavspherequadrocloud_gaminggeforcertxvGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-193
Off-by-one Error
CVE-2022-34677
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.19%
||
7 Day CHG+0.01%
Published-30 Dec, 2022 | 00:00
Updated-11 Apr, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.

Action-Not Available
Vendor-Red Hat, Inc.Citrix (Cloud Software Group, Inc.)Debian GNU/LinuxVMware (Broadcom Inc.)Linux Kernel Organization, IncNVIDIA Corporation
Product-debian_linuxlinux_kernelgpu_display_driverenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisornvsteslavspherequadrocloud_gaminggeforcertxvGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2022-34676
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-7.1||HIGH
EPSS-0.06% / 17.35%
||
7 Day CHG~0.00%
Published-30 Dec, 2022 | 00:00
Updated-11 Apr, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering.

Action-Not Available
Vendor-Red Hat, Inc.Citrix (Cloud Software Group, Inc.)VMware (Broadcom Inc.)Linux Kernel Organization, IncNVIDIA Corporation
Product-linux_kernelenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisorvspherecloud_gamingvGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)
CWE ID-CWE-197
Numeric Truncation Error
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4899
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-07 Jun, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-workstation_playerworkstation_proWorkstation Pro/Player
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4937
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.59%
||
7 Day CHG~0.00%
Published-17 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_viewworkstationHorizon View Client for WindowsWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4912
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-08 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_viewworkstationHorizon View Client for WindowsWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4936
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.54%
||
7 Day CHG~0.00%
Published-17 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_viewworkstationHorizon View Client for WindowsWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-4910
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-08 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_viewworkstationHorizon View Client for WindowsWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3960
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-8.4||HIGH
EPSS-0.13% / 33.27%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 12:14
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstationvsphere_esxifusionVMware ESXi, Workstation, and Fusion
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3965
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.46%
||
7 Day CHG~0.00%
Published-25 Jun, 2020 | 14:54
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-workstationcloud_foundationesxifusionFusionVMware ESXiWorkstation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3988
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 14.34%
||
7 Day CHG~0.00%
Published-16 Sep, 2020 | 16:14
Updated-04 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-workstation_playerhorizon_clientworkstation_proVMware Workstation and Horizon Client for Windows
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46765
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.83%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 19:01
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_6980hxryzen_5500_firmwareryzen_3800xryzen_3900xryzen_3900ryzen_5600gryzen_3500x_firmwareryzen_5600ryzen_5700xryzen_5800x3d_firmwareryzen_3500_firmwareryzen_3900_firmwareryzen_6980hsryzen_5975wx_firmwareryzen_5965wxryzen_5900x_firmwareryzen_6800u_firmwareryzen_5900xryzen_3500xryzen_5800ryzen_3600ryzen_6800hsryzen_3900xt_firmwareryzen_6600uryzen_5800x_firmwareryzen_3500ryzen_5500ryzen_5600geryzen_6800hs_firmwareryzen_5955wxryzen_5900ryzen_6800uryzen_6900hxryzen_5800_firmwareryzen_3600xryzen_5950xryzen_5600g_firmwareryzen_6900hsryzen_3300xryzen_3950x_firmwareryzen_3800x_firmwareryzen_5955wx_firmwareryzen_3900xtryzen_6800h_firmwareryzen_5600ge_firmwareryzen_5945wx_firmwareryzen_5700geryzen_3600xtryzen_5800xryzen_3600x_firmwareryzen_5995wx_firmwareryzen_3900x_firmwareryzen_6900hs_firmwareryzen_5700gryzen_6900hx_firmwareryzen_6600hryzen_5600xryzen_5700ge_firmwareryzen_5300g_firmwareryzen_5700x_firmwareryzen_5965wx_firmwareryzen_5300ge_firmwareryzen_5600_firmwareryzen_3950xryzen_5300geryzen_5600x_firmwareryzen_6980hx_firmwareryzen_3800xtryzen_6980hs_firmwareryzen_5950x_firmwareryzen_3800xt_firmwareryzen_6600hs_firmwareryzen_6600u_firmwareryzen_5995wxryzen_3100_firmwareryzen_3300x_firmwareryzen_6800hryzen_3600xt_firmwareryzen_5300gryzen_5700g_firmwareryzen_5945wxryzen_3600_firmwareryzen_3100ryzen_5800x3dryzen_6600h_firmwareryzen_5975wxryzen_5900_firmwareryzen_6600hsRyzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Ryzen™ 6000 Series Mobile Processors "Rembrandt"Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46749
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.97%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 18:59
Updated-28 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_2600xathlon_gold_3150geryzen_3600x_firmwareryzen_3800xryzen_1200_\(af\)_firmwareryzen_3300xryzen_5300geryzen_3600ryzen_5995wxryzen_2920x_firmwareryzen_5600ryzen_5955wxryzen_5800x_firmwareryzen_2700eryzen_2600_firmwareryzen_5500_firmwareryzen_5900ryzen_3600xryzen_2920xryzen_pro_2100ge_firmwareryzen_2970wx_firmwareryzen_3800x_firmwareryzen_3600xt_firmwareryzen_5700xryzen_5600xryzen_2300x_firmwareryzen_5300g_firmwareryzen_5700geryzen_2600e_firmwareryzen_2950xryzen_3900xt_firmwareryzen_2600ryzen_3600_firmwareryzen_2500xryzen_5600x_firmwareryzen_3900xtryzen_5945wx_firmwareryzen_2990wx_firmwareathlon_gold_3150g_firmwareryzen_5800_firmwareryzen_2990wxryzen_3100_firmwareryzen_3500_firmwareryzen_2500x_firmwareryzen_5300gryzen_2200geryzen_2200ge_firmwareryzen_3900ryzen_5975wxryzen_2200gryzen_2950x_firmwareryzen_2600eryzen_2700_firmwareryzen_5800ryzen_3800xt_firmwareryzen_5800xryzen_5800x3d_firmwareryzen_3300x_firmwareathlon_silver_3050geryzen_2970wxathlon_silver_3050ge_firmwareryzen_3800xtryzen_5500ryzen_2700x_firmwareryzen_3900xryzen_2600x_firmwareryzen_5955wx_firmwareryzen_3500ryzen_5300ge_firmwareryzen_2400ge_firmwareryzen_3950xryzen_5995wx_firmwareryzen_5950x_firmwareathlon_gold_3150gryzen_1200_\(af\)ryzen_5700g_firmwareryzen_5900_firmwareryzen_3600xtryzen_5600ge_firmwareryzen_5600gryzen_5950xryzen_2400gryzen_pro_2100geryzen_5600_firmwareryzen_2700xryzen_5965wx_firmwareryzen_5600g_firmwareryzen_2400geryzen_5945wxryzen_5965wxryzen_5700gryzen_5600geryzen_3900_firmwareryzen_2700ryzen_2200g_firmwareryzen_5900xryzen_3950x_firmwareryzen_5700ge_firmwareryzen_3100ryzen_1600_\(af\)ryzen_2300xryzen_1600_\(af\)_firmwareryzen_3500xryzen_3500x_firmwareryzen_2400g_firmwareryzen_5900x_firmwareryzen_5700x_firmwareryzen_5975wx_firmwareryzen_5800x3dryzen_3900x_firmwareryzen_2700e_firmwareathlon_gold_3150ge_firmwareRyzen™ 3000 Series Desktop Processors “Matisse” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge”Ryzen™ Threadripper™ PRO Processors “Castle Peak” WSRyzen™ 2000 Series Mobile Processors “Raven Ridge” FP5Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPRyzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ Threadripper™ PRO Processors “Chagall” WSRyzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTRyzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-0188
Matching Score-6
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-6
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.06%
||
7 Day CHG+0.03%
Published-01 Apr, 2023 | 04:45
Updated-13 Feb, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service.

Action-Not Available
Vendor-Red Hat, Inc.Linux Kernel Organization, IncVMware (Broadcom Inc.)Microsoft CorporationCitrix (Cloud Software Group, Inc.)NVIDIA Corporation
Product-linux_kernelenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisorwindowsvspherevGPU software (guest driver - Windows), vGPU software (guest driver - Linux), vGPU software (Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM), NVIDIA Cloud Gaming (guest driver - Windows), NVIDIA Cloud Gaming (guest driver - Linux), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found