Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-14955

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-26 Jun, 2020 | 17:03
Updated At-04 Aug, 2024 | 13:00
Rejected At-
Credits

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:26 Jun, 2020 | 17:03
Updated At:04 Aug, 2024 | 13:00
Rejected At:
▼CVE Numbering Authority (CNA)

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/y5s5k5/CVE-2020-14955
x_refsource_MISC
Hyperlink: https://github.com/y5s5k5/CVE-2020-14955
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/y5s5k5/CVE-2020-14955
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/y5s5k5/CVE-2020-14955
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Jun, 2020 | 18:15
Updated At:21 Jul, 2021 | 11:39

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
jiangmin
jiangmin
>>jiangmin_antivirus>>16.0.13.129
cpe:2.3:a:jiangmin:jiangmin_antivirus:16.0.13.129:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/y5s5k5/CVE-2020-14955cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://github.com/y5s5k5/CVE-2020-14955
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

289Records found
CVE-2022-29193
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 21:20
Updated-22 Apr, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing validation causes `TensorSummaryV2` in TensorFlow to crash

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29199
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 21:40
Updated-22 Apr, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29198
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.65%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 21:50
Updated-22 Apr, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29191
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.47%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 20:50
Updated-22 Apr, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing validation causes denial of service via `GetSessionTensor` in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28190
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 32.06%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 19:15
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service.

Action-Not Available
Vendor-NVIDIA Corporation
Product-gpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28188
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.64%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 19:15
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpugpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14489
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.27% / 50.42%
||
7 Day CHG~0.00%
Published-15 Sep, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25976
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.53%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-25116
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.97%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 17:35
Updated-01 Aug, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Specially crafted CF.RESERVE command can lead to denial-of-service

RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, authenticated users can use the `CF.RESERVE` command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in RedisBloom 2.4.7 and 2.6.10.

Action-Not Available
Vendor-RedisBloom
Product-RedisBloom
CWE ID-CWE-20
Improper Input Validation
CVE-2024-26181
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.75%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:58
Updated-03 May, 2025 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Denial of Service Vulnerability

Windows Kernel Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23403
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.33%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:55
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) Data Center Manager software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22423
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.29%
||
7 Day CHG~0.00%
Published-23 Sep, 2022 | 17:35
Updated-22 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-common_cryptographic_architectureipowerlinuxlinux_kernelaixCCA for MTM 4767
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21180
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.83%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5core_i7-6870hqxeon_e-2286gcore_i7-8670t_firmwarepentium_gold_g5500tcore_i7-7700t_firmwarecore_i3-10100core_i3-7320t_firmwarecore_i7-8850h_firmwarecore_i5-11400core_i7-10510yceleron_g5900t_firmwarexeon_e3-1220_v5core_i5-7y57_firmwarexeon_e-2174g_firmwarecore_i7-10710u_firmwarecore_i9-11900_firmwarexeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_w-1270p_firmwarexeon_e3-1578l_v5_firmwarexeon_e-2246gcore_i9-10900_firmwarecore_i5-6350hqcore_i3-6300txeon_e-2374gcore_i5-8500t_firmwarecore_i7-9700k_firmwarexeon_e-2254ml_firmwarexeon_e-2236xeon_e3-1220_v5_firmwarexeon_e-2374g_firmwarecore_i7-8709g_firmwarepentium_gold_g6605pentium_gold_g6405u_firmwarepentium_gold_g5400tcore_i5-6500tcore_i5-7500core_i7-10875h_firmwarecore_i9-9900kf_firmwarecore_4415uxeon_e3-1545m_v5_firmwarecore_i3-6120core_i7-8709gcore_i5-7440hqxeon_w-10855mxeon_e-2278gepentium_gold_g5600_firmwarecore_i9-11900kfcore_i5-10600t_firmwarepentium_gold_g6505xeon_w-1270xeon_e3-1505l_v6xeon_e-2254me_firmwarecore_i7-11700k_firmwarecore_i5-10300h_firmwarepentium_gold_g6400core_i9-10900tpentium_gold_g5400_firmwarexeon_e-2126gcore_i5-8200ycore_i5-10500t_firmwarecore_i9-10900kcore_i5-10600_firmwarecore_i7-10700tecore_i7-8809g_firmwarecore_i5-11400fcore_i5-10400txeon_w-1290exeon_e3-1235l_v5core_i3-7110u_firmwarecore_5405u_firmwarecore_i7-6820eq_firmwareceleron_g5925_firmwarecore_i7-9700kfpentium_g4420t_firmwarepentium_g4520_firmwarecore_i5-7287u_firmwarexeon_w-1290te_firmwarecore_i3-8000tcore_i5-7600k_firmwarecore_i5-8305g_firmwarecore_i5-10110y_firmwarecore_i5-8650k_firmwarecore_i9-10900te_firmwarecore_i9-11900kcore_i3-8300t_firmwarecore_i3-7167u_firmwarecore_i5-10600kfxeon_w-10855_firmwarecore_i7-10700_firmwarepentium_gold_g6600_firmwarexeon_e-2146gcore_i9-10850hcore_i7-7820eq_firmwarecore_i5-8210y_firmwarecore_i5-9400fpentium_gold_g5420tcore_i7-10700kf_firmwarexeon_e-2286g_firmwarexeon_e3-1515m_v5core_i7-7560uceleron_g3920t_firmwarecore_i7-8550u_firmwarecore_i5-7600txeon_e-2284g_firmwarecore_i5-11600kfcore_i5-8365uceleron_g5900_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240l_v5core_i5-9600kfpentium_g4500xeon_e-2288g_firmwarexeon_e-2276mxeon_e-2224gcore_i5-8600_firmwarecore_i5-8269ucore_i3-8100_firmwarepentium_g4500txeon_e3-1505m_v5core_i5-7600t_firmwarepentium_g4500_firmwarecore_i7-7510uxeon_e3-1535m_v6_firmwarecore_i7-10810ucore_i3-10300tcore_i7-7820hq_firmwarecore_i3-8100pentium_gold_g5500_firmwarepentium_gold_g5500t_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-9600kcore_i5-8265ucore_i9-9900kfxeon_e-2246g_firmwarecore_i7-10700tcore_i5-8650core_i5-6300hqcore_i7-7600u_firmwarecore_i3-6120_firmwarecore_i7-9700kf_firmwarecore_i5-9300hcore_i7-10750hcore_i9-10850kceleron_g3920core_i5-6600t_firmwarecore_i3-7100e_firmwarecore_i5-8500bcore_3865u_firmwarepentium_gold_g6405xeon_e3-1225_v6_firmwarecore_i5-8250u_firmwarecore_i7-7820hk_firmwarexeon_w-1390_firmwarecore_4415ycore_i5-6600core_i3-8100hcore_i5-8400b_firmwarecore_i7-8706gceleron_g3940_firmwarepentium_gold_g6400tcore_i3-6300celeron_g3900core_i3-8120core_i5-7400t_firmwarecore_i9-11900fxeon_e3-1270_v5_firmwarecore_i5-8365u_firmwareceleron_g3902ecore_3865uxeon_w-1300_firmwarecore_i3-8130u_firmwarecore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i3-8350k_firmwarecore_i5-11400_firmwarepentium_gold_g6605_firmwarexeon_e-2134core_i7-10750h_firmwarexeon_w-1290tecore_i7-8557u_firmwarecore_i5-6440eqcore_i9-10980hkxeon_e-2176mcore_i9-10900t_firmwarecore_i7-10700k_firmwarepentium_gold_g6505_firmwarecore_i5-11400f_firmwarecore_i3-10305_firmwarecore_i3-7100u_firmwarexeon_e-2274gcore_i3-10325_firmwarecore_i7-10510y_firmwarecore_i9-11900k_firmwareceleron_g5905t_firmwarexeon_e-2134_firmwarecore_i3-7007u_firmwarecore_i5-7267u_firmwarecore_i7-8500ycore_i5-7640x_firmwarecore_i9-11900t_firmwarexeon_e-2226g_firmwarepentium_g4520core_i5-7400_firmwarecore_i7-6700te_firmwarexeon_w-1370pentium_g4400_firmwareceleron_g3900te_firmwarexeon_e-2174gcore_i5-8600tcore_i7-8510y_firmwarexeon_e3-1585_v5_firmwarecore_i5-7200u_firmwarexeon_e3-1220_v6pentium_gold_g5420_firmwarecore_i7-7y75_firmwarepentium_gold_g6405t_firmwarexeon_e3-1220_v6_firmwareceleron_g3930ecore_i3-10320_firmwareceleron_g4900t_firmwarexeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_e-2274g_firmwarexeon_e3-1225_v6xeon_w-1370pcore_i3-6320t_firmwarexeon_e3-1280_v6core_i3-10320core_i5-8420t_firmwarepentium_gold_g5400xeon_e-2124g_firmwarecore_i3-10105fcore_i3-7120_firmwarexeon_w-1390t_firmwarexeon_e-2224_firmwarecore_i5-6400core_4415u_firmwarecore_i7-10875hcore_i5-6300hq_firmwarepentium_g4420tcore_i3-7101tecore_i7-7700core_i5-10400hcore_i5-6440eq_firmwarecore_i5-7300hqcore_i5-9600kf_firmwarecore_i5-10505_firmwarexeon_w-10885mxeon_e-2224g_firmwarexeon_e3-1505m_v6pentium_gold_g6500_firmwarecore_4410y_firmwarexeon_e3-1535m_v5core_i5-6600kcore_i5-10110yxeon_e3-1505m_v6_firmwarecore_i3-7007uxeon_e-2254mecore_i9-11900kf_firmwarexeon_e3-1505l_v5core_i7-8500y_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i7-6822eq_firmwarecore_i5-6442eq_firmwarecore_i3-6102e_firmwarecore_i3-10105tcore_i9-9900k_firmwarecore_i7-6820hk_firmwarecore_i5-6500tecore_i7-10510u_firmwarecore_i7-7700_firmwarecore_i3-8100h_firmwareceleron_g5905_firmwarecore_i5-6500core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i9-10900kfcore_i9-9980hk_firmwarexeon_e-2144gcore_i3-10100tpentium_gold_g6600core_i7-7700hq_firmwarecore_i5-8300h_firmwarexeon_e3-1270_v6_firmwarecore_i9-9980hkcore_3965y_firmwarecore_i5-8500b_firmwarexeon_e-2244gcore_i3-6102exeon_w-1390tceleron_g3902e_firmwarecore_i7-6770hqcore_i7-10610uxeon_e3-1235l_v5_firmwarecore_i7-9850h_firmwarecore_i7-11700kfpentium_gold_g5420core_i7-11700_firmwarecore_i7-7740xcore_i7-7y75core_i7-8559ucore_i9-10850h_firmwarexeon_e3-1575m_v5core_i5-7210ucore_i5-8550_firmwarexeon_e-2124gcore_i5-11500tcore_i7-8670_firmwarecore_i7-8560ucore_i5-9400pentium_gold_g5600core_i3-6320_firmwarecore_i3-6100e_firmwarexeon_e3-1285_v6_firmwarexeon_w-1290t_firmwarecore_i3-10325xeon_e-2356gcore_i5-8500_firmwarecore_i7-8700core_i3-7130uxeon_e3-1585l_v5_firmwarecore_i5-8400xeon_e3-1585_v5core_i3-10105f_firmwarexeon_e-2334core_i5-7440hq_firmwarecore_i7-9850hcore_i5-7300hq_firmwarecore_i5-8650kxeon_w-1350core_i3-10110u_firmwarecore_i5-7600xeon_e3-1505l_v5_firmwarecore_i7-8750hfxeon_e3-1280_v5_firmwarexeon_w-1290core_i9-11900f_firmwarexeon_e-2186gxeon_e-2314_firmwarecore_i5-8310y_firmwarecore_i3-10110ucore_i7-8665u_firmwarecore_i9-10885h_firmwarexeon_e3-1280_v5core_i7-7567u_firmwarecore_i5-7442eq_firmwarecore_i5-11500_firmwarecore_i7-6770hq_firmwarecore_i7-8569u_firmwarecore_3965ycore_i5-8420_firmwarexeon_w-1350pcore_i9-10900xeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6core_i5-7360uxeon_w-1250core_i5-7300ucore_i3-10300xeon_w-1290p_firmwareceleron_g5925core_i5-7600_firmwarecore_i5-6600tcore_i3-8100t_firmwarexeon_w-1250p_firmwarexeon_e3-1230_v5_firmwarecore_i5-6500t_firmwareceleron_g5920core_i3-7100h_firmwarecore_i7-8565ucore_i7-8670core_4205uxeon_e3-1578l_v5core_3965ucore_i5-8400_firmwarexeon_e-2104g_firmwarexeon_e-2234_firmwarecore_i7-7700kcore_i7-8510ycore_i7-10870hceleron_g3900t_firmwarecore_i7-10510ucore_i3-7320tcore_i3-6300t_firmwarecore_i3-10100fxeon_w-1290ppentium_gold_g5500core_i7-7920hq_firmwareceleron_5305u_firmwareceleron_g4900_firmwareceleron_g3940core_i5-8310ycore_i3-10300_firmwarecore_i5-6440hqcore_i7-9750hf_firmwarexeon_e-2324gcore_i7-6870hq_firmwarecore_i3-6100ecore_i5-7200uxeon_e3-1270_v5core_i3-8000t_firmwarecore_i5-8265u_firmwarecore_i7-6970hq_firmwarepentium_g4520t_firmwarexeon_e-2186m_firmwarecore_i7-6820hqcore_i5-10210ucore_i3-8000_firmwarexeon_e-2234pentium_gold_g5400t_firmwarecore_i5-10500core_i7-7740x_firmwarecore_i5-8400bpentium_gold_g6405tceleron_g5900tcore_i7-8850hcore_i3-7100hcore_i9-8950hk_firmwarecore_i5-8400h_firmwarecore_i5-11600_firmwarexeon_e3-1240_v6_firmwarecore_i5-10400t_firmwarecore_i5-6350hq_firmwarecore_i3-10100_firmwarecore_i9-8950hkxeon_e3-1230_v6core_i9-10900tecore_i5-11600kxeon_e3-1501l_v6xeon_e-2378core_i5-10600tcore_i5-10600kf_firmwarecore_i7-7700k_firmwarecore_i5-7640xcore_i5-7500uxeon_w-1290_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarecore_i5-9400hcore_i9-10900e_firmwarexeon_e-2278g_firmwarexeon_e3-1240_v6celeron_g5205u_firmwarexeon_e3-1230_v5xeon_e3-1240_v5_firmwarepentium_gold_g6505tcore_i7-7660uxeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarecore_i3-6320tcore_i7-7700hqcore_i7-6820hq_firmwarexeon_e-2236_firmwarexeon_e-2244g_firmwarepentium_gold_g6500tcore_i3-10100t_firmwarecore_i7-10700f_firmwarecore_m3-7y30core_i5-8269u_firmwarecore_i3-6100t_firmwarecore_i3-10105xeon_e3-1505l_v6_firmwarexeon_e3-1285_v6pentium_g4400te_firmwareceleron_g4900tceleron_g3900tcore_i5-11400tcore_i7-11700kcore_i9-10900kf_firmwarecore_i7-8550uxeon_e-2276mlxeon_e3-1225_v5_firmwarecore_i7-10810u_firmwarexeon_e3-1245_v6_firmwarexeon_w-1350_firmwarecore_i3-7101e_firmwarecore_i9-9880h_firmwarexeon_e3-1270_v6core_i7-6700hqxeon_e3-1545m_v5core_i5-6500_firmwarecore_i3-7102e_firmwarexeon_e3-1515m_v5_firmwarecore_i3-8300pentium_gold_g6400t_firmwarexeon_e-2334_firmwarexeon_e-2276me_firmwarepentium_g4520tcore_i7-10700kfcore_i5-8400tcore_i5-6440hq_firmwarecore_i5-7500tceleron_g5905xeon_w-1370p_firmwarecore_i5-11600kf_firmwarexeon_e-2136_firmwarexeon_w-1270_firmwarexeon_e-2276mecore_i5-7y54core_i5-7400core_i3-6100te_firmwarecore_i7-8700b_firmwarecore_i5-9400f_firmwarexeon_e-2356g_firmwarecore_i7-8706g_firmwarecore_i3-10305t_firmwarecore_i5-7287uxeon_w-10855m_firmwarexeon_e-2146g_firmwarecore_i7-7660u_firmwarecore_i9-10850k_firmwarecore_i7-7920hqcore_i7-10700core_i5-6600_firmwarexeon_e-2126g_firmwarexeon_w-1350p_firmwarecore_i7-10610u_firmwareceleron_g4920_firmwareceleron_g3920_firmwarecore_i3-7020ucore_i5-11600k_firmwarecore_i3-8145u_firmwarecore_i5-8600k_firmwarexeon_e-2136xeon_w-1270pxeon_e-2378_firmwarecore_i3-8145ucore_i5-10400core_i3-7020u_firmwarecore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i3-7130u_firmwarecore_i7-10870h_firmwarepentium_g4500t_firmwarecore_i7-7820eqcore_i3-6120tcore_i7-7820hqcore_i7-9700kceleron_g4920core_i7-11700kf_firmwarepentium_gold_g6405_firmwarepentium_g4420core_i7-6920hq_firmwarecore_i3-8109ucore_5405ucore_i5-8420tpentium_g4540core_i5-8200y_firmwarexeon_e-2144g_firmwarecore_i7-10700te_firmwarecore_i7-10700exeon_e3-1585l_v5core_i5-8350uceleron_g5305uxeon_e3-1275_v5core_i7-8750h_firmwarecore_i3-10100teceleron_g5205uxeon_e3-1558l_v5_firmwarepentium_gold_g5420t_firmwarecore_i5-10210u_firmwarexeon_e-2388gxeon_e-2226gcore_i5-7y57core_i7-6700teceleron_g5905tcore_i3-10100te_firmwarecore_i3-6120t_firmwarecore_i5-7260uxeon_e-2278gcore_i5-10600k_firmwarecore_i9-10900ecore_i5-8259u_firmwarexeon_e-2124core_i5-8250ucore_i5-8600xeon_e-2186g_firmwarepentium_g4540_firmwarecore_m3-8100y_firmwarecore_3965u_firmwarecore_i5-10500tecore_i7-6700_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarecore_4205u_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarexeon_e-2184g_firmwarecore_i3-6100tecore_i3-8000core_i7-11700core_i5-11500celeron_g3900tecore_i7-8700bpentium_g4400t_firmwarecore_i5-10500tcore_i5-10600xeon_e3-1240l_v5_firmwarecore_i5-10500_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5core_i5-10310ycore_i5-10310y_firmwarepentium_gold_g6500t_firmwarecore_i5-8259ucore_i5-11500t_firmwarexeon_e-2388g_firmwarepentium_gold_g6405ucore_i7-10700kxeon_e-2336xeon_e3-1575m_v5_firmwarexeon_e3-1225_v5core_i3-8109u_firmwarexeon_e-2186mxeon_e3-1558l_v5core_i5-11600t_firmwarecore_i9-9880hcore_i7-8705g_firmwarexeon_e-2286mcore_i5-7442eqxeon_w-1300core_i5-6400_firmwarecore_i3-8130ucore_i5-7500u_firmwarecore_i3-7167ucore_i3-8300tcore_i3-7340core_i5-11600tcore_i7-8650ucore_i5-10200hxeon_e3-1268l_v5xeon_e-2284gcore_i7-8705gcore_i9-9900kcore_i5-10400fxeon_e-2324g_firmwarecore_i7-7600uxeon_e-2278ge_firmwarecore_i3-7100epentium_gold_g6400_firmwarexeon_w-10855core_i5-9400_firmwarecore_i7-7510u_firmwarexeon_e3-1535m_v6core_i3-7101exeon_w-10885m_firmwarexeon_e-2276m_firmwarecore_i5-8400t_firmwarecore_i5-8400hxeon_e-2286m_firmwarexeon_e3-1245_v5core_i3-7120xeon_e3-1501m_v6_firmwarecore_i7-9750hfxeon_e-2176g_firmwarecore_i7-7820hkcore_i5-9300h_firmwarexeon_e-2254mlcore_i5-8305gcore_i3-6100celeron_g5900xeon_w-1390celeron_g3930tecore_i7-11700t_firmwarecore_i5-7400tcore_i5-11600core_i7-8750hcore_i3-6100tcore_i7-11700fcore_i7-8665ucore_i3-10305tcore_i5-7210u_firmwarexeon_e3-1275_v6_firmwarecore_i5-8300hxeon_w-1370_firmwarecore_i3-7101te_firmwarecore_i5-7440eq_firmwarecore_i5-8420core_i5-7360u_firmwarecore_i3-8350kcore_i5-10600kcore_i7-10850hcore_i3-7120tcore_i3-8120_firmwarecore_i7-8560u_firmwarecore_i5-10500te_firmwarecore_i3-8020_firmwarexeon_w-1290e_firmwarecore_i5-7y54_firmwarecore_i3-10300t_firmwarexeon_e3-1280_v6_firmwarexeon_w-1390p_firmwarecore_i5-8550core_i3-10100f_firmwarecore_i9-10900f_firmwarecore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100ucore_i5-6442eqcore_i7-8700tcore_i7-6700k_firmwarecore_i5-7260u_firmwarecore_i7-11700txeon_e3-1245_v5_firmwarecore_i5-7300u_firmwarecore_i7-8700t_firmwarecore_i7-10700e_firmwarecore_i5-6500te_firmwarecore_i3-7120t_firmwarecore_i5-8600t_firmwarecore_i7-6700kcore_i7-6970hqcore_i3-7340_firmwarecore_i7-6822eqcore_i5-8500xeon_e-2184gcore_i9-11900tcore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwarepentium_g4420_firmwarecore_i7-8565u_firmwarecore_i7-8569ucore_i5-11400t_firmwarecore_i7-10700t_firmwarecore_i7-7700txeon_e3-1240_v5xeon_e-2336_firmwarexeon_w-1290tceleron_g3930te_firmwarecore_i7-8809gcore_i5-8500tcore_i3-10105_firmwarecore_i7-8650u_firmwarexeon_e3-1501m_v6core_i5-6400t_firmwarecore_i3-6300_firmwarecore_i7-10850h_firmwarexeon_e3-1535m_v5_firmwarexeon_e-2314core_i3-7110ucore_i5-6400tcore_i3-10305pentium_g4400tecore_i3-6100h_firmwarecore_i7-8700_firmwarexeon_w-1390pcore_i3-8300_firmwarecore_i5-8650_firmwareceleron_g3920tcore_i5-10505core_i7-6700core_i7-6820eqcore_i7-6920hqpentium_g4400tcore_i7-6820hkcore_i7-7560u_firmwarecore_i5-7600kpentium_g4400core_m3-7y30_firmwarecore_i7-10710ucore_i5-10210ycore_i5-10300hcore_i5-8350u_firmwarexeon_e-2276g_firmwarecore_i3-8020celeron_g5920_firmwareceleron_g3930e_firmwarexeon_e-2224pentium_gold_g6500xeon_e-2124_firmwareceleron_5305ucore_i7-11700f_firmwarexeon_w-1250_firmwarecore_i5-7500t_firmwarecore_i9-10900fceleron_g4900xeon_e-2278gelxeon_e3-1245_v6xeon_e-2378gcore_i3-8100tcore_i5-10200h_firmwarecore_i3-6100_firmwarecore_4410ycore_i9-10980hk_firmwarecore_i7-8670tcore_i5-10400_firmwarecore_i5-6600k_firmwarecore_i7-6700hq_firmwarexeon_e-2104gcore_i3-7102epentium_gold_g6505t_firmwarexeon_e3-1268l_v5_firmwarecore_4415y_firmwarexeon_e-2276gceleron_g5305u_firmwareceleron_g3900_firmwarecore_i7-10700fcore_i5-9600k_firmwarecore_i9-10900k_firmwarecore_i7-8750hf_firmwareIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21136
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.92%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_5215xeon_silver_4109txeon_bronze_3106_firmwarecore_i9-7900xxeon_bronze_3106xeon_platinum_8260ycore_i9-7920xxeon_d-2173it_firmwarexeon_d-2145nt_firmwarexeon_platinum_8153xeon_silver_4108_firmwarecore_i9-7960x_firmwarexeon_platinum_8260y_firmwarexeon_gold_5218txeon_gold_6126_firmwarexeon_platinum_8280_firmwarexeon_gold_5218nxeon_d-2163it_firmwarexeon_silver_4209t_firmwarexeon_gold_6250lxeon_gold_6209uxeon_bronze_3104_firmwarexeon_platinum_8253xeon_d-2146nt_firmwarexeon_gold_6252nxeon_silver_4214yxeon_platinum_8156xeon_gold_6142fxeon_d-2177ntxeon_platinum_8158xeon_platinum_8270_firmwarexeon_gold_6230txeon_silver_4210rxeon_platinum_8280xeon_platinum_8180_firmwarexeon_gold_6238l_firmwarexeon_gold_5220t_firmwarexeon_gold_6252xeon_gold_5220rxeon_gold_6246xeon_gold_6226r_firmwarexeon_silver_4214rxeon_silver_4116_firmwarexeon_silver_4210r_firmwarexeon_gold_6256_firmwarexeon_gold_5122_firmwarexeon_platinum_9221xeon_gold_6230rxeon_d-2142itxeon_platinum_9222_firmwarexeon_gold_6132_firmwarexeon_d-2187ntxeon_silver_4116txeon_silver_4208xeon_gold_6150_firmwarexeon_gold_6210u_firmwarexeon_gold_6126txeon_silver_4116xeon_silver_4210t_firmwarexeon_gold_5218t_firmwarexeon_silver_4112xeon_gold_6140xeon_platinum_8160fxeon_platinum_8164xeon_platinum_8176fxeon_gold_5215lxeon_gold_5115_firmwarexeon_platinum_8168xeon_gold_6154_firmwarexeon_platinum_8168_firmwarexeon_gold_6126f_firmwarexeon_platinum_8253_firmwarexeon_gold_5120xeon_gold_6238xeon_gold_6240lxeon_gold_6248xeon_gold_6258rxeon_d-2145ntxeon_platinum_8176f_firmwarexeon_gold_6130fxeon_gold_6240l_firmwarexeon_platinum_8256xeon_platinum_9282xeon_d-2173itxeon_d-2161ixeon_d-2163itxeon_silver_4215_firmwarexeon_platinum_8160_firmwarexeon_gold_6254_firmwarexeon_gold_5220_firmwarexeon_d-2123itxeon_platinum_8160txeon_gold_6252_firmwarexeon_gold_6142xeon_gold_6230n_firmwarexeon_bronze_3206rxeon_silver_4208_firmwarexeon_gold_6148xeon_gold_6140_firmwarexeon_gold_6240xeon_d-2161i_firmwarexeon_gold_5220xeon_gold_6126fxeon_platinum_8256_firmwarexeon_gold_6144xeon_platinum_8160f_firmwarexeon_platinum_8170_firmwarexeon_gold_5218r_firmwarexeon_platinum_8176_firmwarexeon_platinum_8268xeon_gold_5118xeon_silver_4114txeon_gold_6240rxeon_silver_4214y_firmwarexeon_gold_6238_firmwarexeon_d-2143itxeon_silver_4209txeon_gold_6152_firmwarexeon_gold_6134_firmwarexeon_silver_4215rxeon_gold_6212ucore_i9-7980xe_firmwarexeon_silver_4215xeon_d-2177nt_firmwarexeon_gold_6230nxeon_gold_6126t_firmwarexeon_gold_6138pxeon_platinum_8160xeon_platinum_8280l_firmwarexeon_gold_5119txeon_gold_6148fxeon_gold_6208uxeon_gold_6130f_firmwarexeon_gold_6242_firmwarexeon_gold_6230r_firmwarexeon_gold_6242xeon_d-2142it_firmwarexeon_gold_6246_firmwarexeon_silver_4112_firmwarexeon_platinum_8260_firmwarexeon_gold_6230t_firmwarexeon_gold_6250_firmwarexeon_gold_5218_firmwarexeon_gold_6130xeon_platinum_8158_firmwarexeon_silver_4210txeon_gold_6244_firmwarexeon_gold_6138t_firmwarexeon_gold_6138_firmwarexeon_gold_6136xeon_platinum_8276_firmwarexeon_platinum_8276xeon_gold_6240_firmwarecore_i9-7960xxeon_gold_5220txeon_gold_6244xeon_gold_6242rxeon_platinum_9242_firmwarexeon_gold_6134xeon_gold_6226rxeon_gold_6258r_firmwarexeon_bronze_3204xeon_gold_6142_firmwarexeon_gold_6230_firmwarexeon_gold_5218b_firmwarexeon_gold_5218bxeon_gold_6248_firmwarexeon_d-2141ixeon_gold_6128xeon_gold_6146xeon_d-2141i_firmwarexeon_silver_4214r_firmwarexeon_silver_4108xeon_gold_6148f_firmwarexeon_gold_6254xeon_gold_5218rxeon_gold_6138p_firmwarexeon_gold_6240yxeon_platinum_8160t_firmwarexeon_gold_5218n_firmwarexeon_gold_6238lxeon_gold_6148_firmwarexeon_platinum_8156_firmwarexeon_gold_6246r_firmwarexeon_gold_6246rxeon_d-2183itxeon_d-2123it_firmwarexeon_gold_6130t_firmwarexeon_gold_6234_firmwarexeon_silver_4114_firmwarecore_i9-7940x_firmwarexeon_gold_6126core_i9-7940xcore_i9-7900x_firmwarexeon_gold_5220r_firmwarexeon_gold_5222xeon_gold_6256xeon_platinum_8260l_firmwarexeon_gold_6248rxeon_silver_4214xeon_gold_6130txeon_platinum_9222xeon_d-2187nt_firmwarexeon_gold_5220sxeon_platinum_8260xeon_platinum_8280lxeon_gold_5118_firmwarexeon_gold_5120t_firmwarexeon_d-2146ntxeon_gold_6138f_firmwarexeon_gold_6128_firmwarexeon_silver_4114xeon_gold_5119t_firmwarexeon_gold_5222_firmwarexeon_platinum_9242xeon_silver_4216xeon_platinum_8180xeon_platinum_8276lxeon_gold_6138txeon_gold_6238txeon_platinum_9221_firmwarexeon_gold_6240r_firmwarexeon_gold_6138xeon_gold_6212u_firmwarexeon_gold_6208u_firmwarexeon_gold_6146_firmwarexeon_gold_6138fcore_i9-7920x_firmwarexeon_gold_6209u_firmwarexeon_platinum_9282_firmwarexeon_gold_5120_firmwarexeon_platinum_8276l_firmwarexeon_gold_6250xeon_platinum_8260lxeon_platinum_8270xeon_gold_6248r_firmwarexeon_gold_6262v_firmwarexeon_gold_6226xeon_gold_6132xeon_silver_4214_firmwarexeon_platinum_8268_firmwarexeon_d-2166ntxeon_gold_6226_firmwarexeon_silver_4210xeon_gold_6250l_firmwarexeon_gold_6234xeon_gold_6142f_firmwarexeon_gold_6130_firmwarexeon_silver_4114t_firmwarexeon_gold_6136_firmwarexeon_gold_6252n_firmwarexeon_gold_6262vxeon_gold_6240y_firmwarexeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_d-2143it_firmwarexeon_gold_6144_firmwarexeon_silver_4116t_firmwarexeon_silver_4210_firmwarexeon_gold_5218xeon_gold_6238rxeon_silver_4110_firmwarexeon_bronze_3204_firmwarexeon_silver_4109t_firmwarexeon_platinum_8170xeon_gold_6222v_firmwarexeon_gold_6154xeon_silver_4110xeon_bronze_3206r_firmwarexeon_gold_6238r_firmwarexeon_platinum_8176xeon_d-2166nt_firmwarexeon_silver_4215r_firmwarexeon_platinum_8164_firmwarexeon_bronze_3104xeon_gold_6242r_firmwarexeon_gold_6152xeon_gold_5217xeon_d-2183it_firmwarexeon_platinum_8153_firmwarexeon_gold_5120txeon_gold_6150core_i9-7980xexeon_gold_6210uxeon_gold_6222vxeon_silver_4216_firmwarexeon_gold_5115xeon_gold_5122xeon_gold_5215l_firmwarexeon_gold_6238t_firmwarexeon_gold_5217_firmwarexeon_gold_6230Intel(R) Xeon(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20355
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.05%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:23
Updated-03 Aug, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-219498290

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20129
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.99%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 13:00
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-217934478

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2023-4753
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.9||LOW
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-21 Sep, 2023 | 09:16
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenHarmony v3.2.1 and prior version has a system call function usage error

OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45167
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.01% / 1.65%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 03:52
Updated-03 Sep, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965.

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45165
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 4.95%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 15:51
Updated-17 Apr, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963.

Action-Not Available
Vendor-IBM Corporation
Product-aixAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45171
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 4.95%
||
7 Day CHG~0.00%
Published-11 Jan, 2024 | 02:07
Updated-17 Jun, 2025 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. IBM X-Force ID: 267969.

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45175
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.75%
||
7 Day CHG~0.00%
Published-11 Jan, 2024 | 01:57
Updated-17 Jun, 2025 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 267973.

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45172
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.24%
||
7 Day CHG~0.00%
Published-19 Dec, 2023 | 22:12
Updated-02 Aug, 2024 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970.

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2017-10674
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-30 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl call.

Action-Not Available
Vendor-antiyn/a
Product-antivirus_enginen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-42012
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-19 Dec, 2023 | 23:49
Updated-02 Aug, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM UrbanCode Deploy denial of service

An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509.

Action-Not Available
Vendor-IBM Corporation
Product-urbancode_deployUrbanCode Deploy
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37692
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.45%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 23:00
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Segfault on strings tensors with mistmatched dimensions in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, `C.TF_TString_Dealloc` is called during garbage collection within a finalizer function. However, tensor structure isn't checked until encoding to avoid a performance penalty. The current method for dealloc assumes that encoding succeeded, but segfaults when a string tensor is garbage collected whose encoding failed (e.g., due to mismatched dimensions). To fix this, the call to set the finalizer function is deferred until `NewTensor` returns and, if encoding failed for a string tensor, deallocs are determined based on bytes written. We have patched the issue in GitHub commit 8721ba96e5760c229217b594f6d2ba332beedf22. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, which is the other affected version.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37677
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 22:35
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing validation in shape inference for `Dequantize` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for `tf.raw_ops.Dequantize` has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses `axis` to select between two different values for `minmax_rank` which is then used to retrieve tensor dimensions. However, code assumes that `axis` can be either `-1` or a value greater than `-1`, with no validation for the other values. We have patched the issue in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-37673
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.06%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 22:55
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`CHECK`-fail in `MapStage` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.MapStage`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L513) does not check that the `key` input is a valid non-empty tensor. We have patched the issue in GitHub commit d7de67733925de196ec8863a33445b73f9562d1d. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37674
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.45%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 22:40
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete validation in `MaxPoolGrad` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a segmentation fault in `tf.raw_ops.MaxPoolGrad` caused by missing validation. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooling_op.cc) misses some validation for the `orig_input` and `orig_output` tensors. The fixes for CVE-2021-29579 were incomplete. We have patched the issue in GitHub commit 136b51f10903e044308cf77117c0ed9871350475. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2017-0318
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.31%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.

Action-Not Available
Vendor-Oracle CorporationNVIDIA CorporationFreeBSD FoundationMicrosoft Corporation
Product-freebsdgpu_driversolariswindowsLinux GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27242
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.3||LOW
EPSS-0.03% / 6.54%
||
7 Day CHG~0.00%
Published-08 Jun, 2025 | 11:47
Updated-09 Jun, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ssecurity_component_manager has an improper input vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0355
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.31%
||
7 Day CHG~0.00%
Published-09 May, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where it may access paged memory while holding a spinlock, leading to a denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-gpu_driverwindowsGPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27131
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 6.54%
||
7 Day CHG~0.00%
Published-08 Jun, 2025 | 11:46
Updated-09 Jun, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
kernel_liteos_m has an improper input vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9191
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-28 Nov, 2016 | 03:01
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8944
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.54%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234.

Action-Not Available
Vendor-IBM Corporation
Product-aixAIX
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9385
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.10% / 29.07%
||
7 Day CHG~0.00%
Published-23 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

Action-Not Available
Vendor-n/aXen ProjectCitrix (Cloud Software Group, Inc.)
Product-xenxenservern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8650
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.96%
||
7 Day CHG~0.00%
Published-28 Nov, 2016 | 03:01
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-10054
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.93%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2016-7795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.37%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.

Action-Not Available
Vendor-systemd_projectn/aCanonical Ltd.
Product-systemdubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-7796
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 58.94%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

Action-Not Available
Vendor-systemd_projectn/aRed Hat, Inc.Novell
Product-enterprise_linux_serverenterprise_linux_hpc_nodeenterprise_linux_desktopsuse_linux_enterprise_serversystemdenterprise_linux_workstationsuse_linux_enterprise_desktopsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_server_for_sapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6197
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 9.56%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

Action-Not Available
Vendor-n/aOracle CorporationLinux Kernel Organization, Inc
Product-linux_kernellinuxvm_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6247
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.23%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6243
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.23%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6259
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.19% / 41.59%
||
7 Day CHG~0.00%
Published-02 Aug, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

Action-Not Available
Vendor-n/aXen ProjectCitrix (Cloud Software Group, Inc.)
Product-xenserverxenn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6246
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 13.46%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4961
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.72%
||
7 Day CHG~0.00%
Published-08 Nov, 2016 | 20:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

Action-Not Available
Vendor-n/aNVIDIA Corporation
Product-geforce_gtx_965mquadro_m600mgeforce_gt_710quadro_k420geforce_945mquadro_m2000mquadro_m500mquadro_m6000quadro_m1000mgeforce_930mquadro_m5000mquadro_p5000geforce_gtx_950mnvs_315geforce_gt_730geforce_gtx_960mquadro_m4000mquadro_m4000quadro_m3000mgeforce_gtx_1060geforce_930mxgeforce_940mgeforce_experiencegeforce_gtx_1050nvs_510quadro_k620quadro_k1200quadro_m2000geforce_920mxquadro_p6000geforce_920mgeforce_910mnvs_810quadro_m5500quadro_m5000titan_xgeforce_940mxgeforce_gtx_1070geforce_gtx_1080nvs_310Quadro, NVS, GeForce (all versions)
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6239
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.09%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-8507
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-20
Improper Input Validation
CVE-2023-31366
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-3.3||LOW
EPSS-0.04% / 9.96%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 16:57
Updated-12 Dec, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-uprofμProf Tool
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1029
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.50% / 64.76%
||
7 Day CHG~0.00%
Published-16 Sep, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-6647
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 13.44%
||
7 Day CHG~0.00%
Published-26 May, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found