Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-17397

Summary
Assigner-zdi
Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e
Published At-25 Aug, 2020 | 20:20
Updated At-04 Aug, 2024 | 13:53
Rejected At-
Credits

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handling of network packets. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11253.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zdi
Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e
Published At:25 Aug, 2020 | 20:20
Updated At:04 Aug, 2024 | 13:53
Rejected At:
▼CVE Numbering Authority (CNA)

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handling of network packets. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11253.

Affected Products
Vendor
Parallels International GmbhParallels
Product
Desktop
Versions
Affected
  • 15.1.4
Problem Types
TypeCWE IDDescription
CWECWE-119CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Type: CWE
CWE ID: CWE-119
Description: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Metrics
VersionBase scoreBase severityVector
3.07.5HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
ziming zhang from Codesafe Team of Legendsec at Qi'anxin Group
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.parallels.com/en/125013
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-1015/
x_refsource_MISC
Hyperlink: https://kb.parallels.com/en/125013
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-1015/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.parallels.com/en/125013
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-20-1015/
x_refsource_MISC
x_transferred
Hyperlink: https://kb.parallels.com/en/125013
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-1015/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:zdi-disclosures@trendmicro.com
Published At:25 Aug, 2020 | 21:15
Updated At:31 Aug, 2020 | 15:33

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handling of network packets. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11253.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Secondary3.07.5HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Parallels International Gmbh
parallels
>>parallels_desktop>>Versions before 16.0.0(exclusive)
cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:macos:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primaryzdi-disclosures@trendmicro.com
CWE ID: CWE-119
Type: Primary
Source: zdi-disclosures@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kb.parallels.com/en/125013zdi-disclosures@trendmicro.com
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1015/zdi-disclosures@trendmicro.com
Third Party Advisory
VDB Entry
Hyperlink: https://kb.parallels.com/en/125013
Source: zdi-disclosures@trendmicro.com
Resource:
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-1015/
Source: zdi-disclosures@trendmicro.com
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

442Records found
CVE-2021-34856
Matching Score-10
Assigner-Zero Day Initiative
ShareView Details
Matching Score-10
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.18% / 39.33%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 17:10
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13581.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27327
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.31%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:55
Updated-06 Aug, 2025 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktopparallels_desktop
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-17390
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-3.8||LOW
EPSS-0.08% / 25.14%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the hypervisor kernel extension. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10030.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-17392
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_SET_KERNEL_SYMBOLS in the prl_hypervisor kext. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-10519.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2020-17400
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11304.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-17396
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11217.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-17399
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11303.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-17395
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.75%
||
7 Day CHG~0.00%
Published-25 Aug, 2020 | 20:20
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prl_naptd process. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11134.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2021-27243
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.09% / 27.04%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 21:05
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-11924.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-34864
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.88%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 17:10
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the WinAppHelper component. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13543.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-284
Improper Access Control
CVE-2021-34867
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.61%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 15:30
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13672.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallelsDesktop
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2021-34987
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.24% / 46.22%
||
7 Day CHG~0.00%
Published-15 Jul, 2022 | 19:05
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31422
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.24%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 16:31
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000e virtual device. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12527.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-667
Improper Locking
CVE-2020-8874
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.29%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 17:30
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10032.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-8871
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.12% / 32.29%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 17:30
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VGA virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-9403.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34857
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.07% / 23.11%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 17:10
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13601.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31420
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 16:31
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.0-48950. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12220.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-31429
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.75%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 16:31
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13187.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-34889
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.10% / 28.32%
||
7 Day CHG~0.00%
Published-15 Jul, 2022 | 20:10
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ACPI virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-16554.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-31424
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.19%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 16:31
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Tools Gate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12848.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-31428
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.75%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 16:31
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13186.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-27278
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.85%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 17:50
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. Was ZDI-CAN-12130.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-27242
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-0.19% / 41.35%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 21:05
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11926.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8873
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.18%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 17:30
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10031.

Action-Not Available
Vendor-Parallels International Gmbh
Product-parallels_desktopDesktop
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-24420
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14568
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000000297024c called from STDUXPSFile!DllUnregisterServer+0x0000000000025630."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24416
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.99%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-5332
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.10% / 29.23%
||
7 Day CHG~0.00%
Published-27 Jul, 2019 | 21:38
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24421
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24415
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 02:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24419
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14561
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x00000000048c024d called from STDUXPSFile!DllUnregisterServer+0x0000000000025638."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4650
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 25.04%
||
7 Day CHG~0.00%
Published-21 Jun, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-22706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.22%
||
7 Day CHG~0.00%
Published-03 Mar, 2022 | 14:27
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-04-20||Apply updates per vendor instructions.

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

Action-Not Available
Vendor-n/aArm Limited
Product-midgard_gpu_kernel_driverbifrost_gpu_kernel_drivervalhall_gpu_kernel_drivern/aMali Graphics Processing Unit (GPU)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-28585
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.11%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in TZ Secure OS

Memory corruption while loading an ELF segment in TEE Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresd865_5gqcs8155_firmwareqca6595snapdragon_xr1_platformipq6028_firmwareqca8081_firmwaresnapdragon_x50_5g_modem-rf_systemwcd9340_firmwarewcd9395_firmwaresnapdragon_730_mobile_platformqcn6024snapdragon_sc8180xp-aa_firmwareqcc710_firmwareqca6426fastconnect_6700snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_460_mobile_platformqca6574au_firmwareqcn7606_firmwareqca6564_firmwareqam8295pwcd9341wsa8810_firmwaresd730_firmwarewsa8845h_firmwaresa9000p_firmwarefastconnect_6800_firmwareqcs5430snapdragon_4_gen_2_mobile_platform_firmwareqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770pqcn9000sa8540psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8250_firmwareqsm8350_firmwaresnapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310wcd9360snapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_7c_compute_platformimmersive_home_3210_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155psnapdragon_sc8180x-aaqca6564au_firmwaresnapdragon_768g_5g_mobile_platformqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psa6155p_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6436_firmwaresnapdragon_8\+_gen_1_mobile_platformqcn5021_firmwareqcn9070snapdragon_7c_compute_platform_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqts110qca8084sm4125_firmwareqca6420snapdragon_7c_gen_2_compute_platform_firmwarewcn3910mdm9205s_firmwarecsrb31024snapdragon_x70_modem-rf_system_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqca6574aqca6174awcd9340qcs8250_firmwareqcm2290qdu1210snapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemsdx57mqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwaresa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresa8255p_firmwareqrb5165m_firmwaresnapdragon_678_mobile_platform_firmwarewcn3950_firmwareqrb5165nmdm9205ssnapdragon_8_gen_1_mobile_platformfastconnect_6200snapdragon_710_mobile_platformsm7325p_firmwaresd460snapdragon_730g_mobile_platformwcd9360_firmwaresnapdragon_sc8280xp-ab_firmwareqdx1011smart_audio_400_platformsnapdragon_855\+\/860_mobile_platformvideo_collaboration_vc3_platform_firmwareqcn6023_firmwaresd670_firmwareimmersive_home_326_platform_firmwaresnapdragon_750g_5g_mobile_platformqcn9072qcn6224_firmwareqca6431qca8082_firmwaresdx57m_firmwaresxr2130_firmwarear8035_firmwaresnapdragon_730_mobile_platform_firmwareqrb5165msnapdragon_888_5g_mobile_platformsc8380xpipq6005snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_712_mobile_platformsnapdragon_662_mobile_platform_firmwarewcd9306qcs6125_firmwareipq9008_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn3950snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_765g_5g_mobile_platform_firmwareqcf8001_firmwareqcn9070_firmwaresnapdragon_780g_5g_mobile_platformsnapdragon_710_mobile_platform_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984qcn9022_firmwaresnapdragon_720g_mobile_platformsm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresnapdragon_845_mobile_platform_firmwaresd888qru1062_firmwarefsm10056sd460_firmwaresnapdragon_4_gen_2_mobile_platformsc8380xp_firmwareqru1062qca6310_firmwarefastconnect_6800qcs7230snapdragon_685_4g_mobile_platform_firmwarewcd9371snapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_sc8280xp-abqca8075_firmwarevision_intelligence_300_platform_firmwareqcf8000snapdragon_865\+_5g_mobile_platformsnapdragon_sc8180x-ad_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformsnapdragon_sc8180xp-ad_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca6431_firmware9205_lte_modem_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwarewcn3999_firmwareqca8084_firmwaresnapdragon_678_mobile_platformsa8255pqcs7230_firmwaresnapdragon_720g_mobile_platform_firmwarewcd9390_firmwaresnapdragon_690_5g_mobile_platformqca6430qdx1011_firmwaresnapdragon_auto_5g_modem-rfssg2125pqru1052csra6640_firmwareimmersive_home_326_platformqam8650p_firmwareqcn9013_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436snapdragon_sc8180x-aa_firmwarewcn3980_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqdu1010_firmwaresnapdragon_732g_mobile_platformqcs4290_firmwaresnapdragon_865_5g_mobile_platformcsra6620qca8081wsa8815qam8775pqca9377qcm4325_firmwareqcm4290_firmwareqcn9274_firmwaresmart_audio_400_platform_firmwareqcs5430_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwareqcs8550qam8775p_firmwaresd865_5g_firmwarewcd9375sa8145psd_675snapdragon_888\+_5g_mobile_platform_firmwarecsr8811qdx1010qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100psxr1120ipq9574qcn9000_firmwarevision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca4004qca6696wcd9341_firmwarewcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023qdu1110ipq6000snapdragon_auto_4g_modem9205_lte_modemqca6574auwcd9390csra6640qcn5122sd730snapdragon_730g_mobile_platform_firmwareqcn6024_firmwareqcm5430snapdragon_695_5g_mobile_platformqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_850_mobile_compute_platformsxr1120_firmwarerobotics_rb3_platform315_5g_iot_modem_firmwarefastconnect_6900qru1032_firmwareipq5332_firmwareqcn5052fsm10056_firmwareqfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresa8155_firmwaresnapdragon_888_5g_mobile_platform_firmwaresnapdragon_wear_1300_platform_firmwareqca6335qcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwareqcm6125csr8811_firmwaresnapdragon_sc8180xp-aawsa8810qcn5021qdu1000_firmwareqca8085qsm8250snapdragon_8\+_gen_2_mobile_platformqca6595ausm7315_firmwareqdu1010wcd9326_firmwarewsa8840qcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqcn9012snapdragon_sc8180x-adwcd9371_firmwareqcs4490_firmwareqcf8001wcn3910_firmwaresnapdragon_855\+\/860_mobile_platform_firmwaresdx65mwcd9370_firmwareqcn5121_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000ipq9570sa8195pqca6335_firmwareqcm6490sa8540p_firmwareimmersive_home_3210_platformqcn9274sa8775pipq9570_firmwaresxr2230p_firmwaresd675_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011sa8775p_firmwareqcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_sc8180x-acsnapdragon_wear_1300_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwaresnapdragon_765_5g_mobile_platformsc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwaresnapdragon_665_mobile_platformar8035qca6564sa6155qcm4325robotics_rb5_platformqcn6224sc8180x\+sdx55qca6698aqsnapdragon_7c_gen_2_compute_platformsm6250ssg2125p_firmwaresd670sa8145p_firmwareqcs8155snapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarewcn3990snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250ipq9554_firmwaresnapdragon_712_mobile_platform_firmwarefastconnect_6200_firmwarear8031_firmwaresnapdragon_sc8180xp-acwsa8830_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresa4150p_firmwareipq9008ipq9554qca6564ausm6250p_firmwaresa8195p_firmwareqcm4290ipq5332snapdragon_680_4g_mobile_platformqcn5121qcn9013ar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcs6125snapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwareqca8085_firmwareipq6005_firmwareqca4004_firmwaresm6250_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqca6584auqcn6274_firmwareqcn9011_firmwaresw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_x24_lte_modemqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwaresxr1230psd662_firmwareipq6010sw5100aqt1000wcd9306_firmwarec-v2x_9150_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315qca6564a_firmwarewcd9385qsm8350sd662qcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresg8275psm6250psdx55_firmwaresnapdragon_sc8180x-ac_firmwaresxr2130ipq6028qcm4490snapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325psnapdragon_855_mobile_platform_firmwareaqt1000_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274snapdragon_480_5g_mobile_platform_firmwareqfw7124qca6595au_firmwareqca0000sw5100p_firmwaresnapdragon_sc8180xp-ac_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqqcn5152vision_intelligence_400_platformqca6574a_firmwaresdx55qcn9072_firmwaresnapdragon_480\+_5g_mobile_platformsd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391snapdragon_sc8180xp-adsnapdragon_x70_modem-rf_systemqts110_firmwareqcn9012_firmwaresa8770p_firmwaresa8295psnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_xr1_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwarefastconnect_7800wcn3988_firmwaresd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareqcs610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2017-14288
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-11 Sep, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x0000000000002ff7."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-28545
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.11%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwaresw5100pvision_intelligence_300_platformsd865_5gqca6595wcd9335wcd9370qca8081_firmwaresnapdragon_x50_5g_modem-rf_systemqca4004qca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca9984_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395snapdragon_460_mobile_platform9205_lte_modemqca6574au_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwareqcn7606_firmwareqam8295pwcd9341qca6574auwcd9390wsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_8cx_gen_2_5g_compute_platformsa9000p_firmwaresrv1hfastconnect_6800_firmwareqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformssg2115pqcc710snapdragon_850_mobile_compute_platformsnapdragon_8cx_compute_platform_firmwaresa8540psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8250_firmwareqsm8350_firmwarerobotics_rb3_platform315_5g_iot_modem_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformqru1032_firmwareqfw7114wcd9385_firmwareqca6421315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresa8155_firmwarewcd9360snapdragon_888_5g_mobile_platform_firmwaresnapdragon_wear_1300_platform_firmwareqca6335snapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqca6564au_firmwaresnapdragon_768g_5g_mobile_platformwsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwareqsm8250snapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca6595ausm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwareqdu1210_firmwaresnapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6436_firmwareqcn9012snapdragon_8\+_gen_1_mobile_platformqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresnapdragon_855\+\/860_mobile_platform_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000qca6574aqca6174awcd9340qcs8250_firmwareqcm2290qdu1210qca6335_firmwareqcm6490sa8540p_firmwaresm8550p_firmwareqcm8550wcn3988qcn9024snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemsxr2230p_firmwaresd675_firmwaresnapdragon_8cx_compute_platformqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011qamsrv1hsdx57mqcn9024_firmwaresnapdragon_8cx_gen_3_compute_platformwsa8845hwcd9326qcm2290_firmwaresa8155p_firmwareqca6564asa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_wear_1300_platformsnapdragon_662_mobile_platformsm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwarevision_intelligence_400_platform_firmwaresnapdragon_765_5g_mobile_platformsa8255p_firmwareflight_rb5_5g_platform_firmwaresnapdragon_665_mobile_platformar8035sa6155qrb5165m_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_firmwareqcm4325robotics_rb5_platformqcn6224qca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nsnapdragon_8c_compute_platform_firmwaresnapdragon_8_gen_1_mobile_platformfastconnect_6200sd670sm7325p_firmwaresd460wcd9360_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_888\+_5g_mobile_platformqdx1011smart_audio_400_platformsnapdragon_855\+\/860_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250snapdragon_750g_5g_mobile_platformfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6431snapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832sdx57m_firmwaresxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwareqrb5165msnapdragon_888_5g_mobile_platformsc8380xpsnapdragon_w5\+_gen_1_wearable_platform_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwarewcd9306qca6564auwsa8815_firmwareqca8337_firmwareqcm4290snapdragon_680_4g_mobile_platformar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_8c_compute_platformsm7250p_firmwarewcn3999sm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwarewcn3950flight_rb5_5g_platformsnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platformqca4004_firmwaresa8295p_firmwaresd_675_firmwareqca9984sm7250psa8155sd_8cx_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresd888qcn9011_firmwareqru1062_firmwaresd460_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740sc8380xp_firmwareqru1062qca6310_firmwarefastconnect_6800qfw7114_firmwareqcs7230snapdragon_685_4g_mobile_platform_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150pvision_intelligence_300_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_x24_lte_modemsnapdragon_auto_5g_modem-rf_firmwaresxr1230psnapdragon_865\+_5g_mobile_platformsd662_firmwaresw5100video_collaboration_vc3_platformaqt1000wcd9306_firmwaresnapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmware9205_lte_modem_firmwaresm7315qca6698aq_firmwareqcs2290qca6564a_firmwareqcn7606wcd9385qcs2290_firmwareqsm8350wcn3999_firmwaresd662snapdragon_678_mobile_platformsa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6430sg8275psdx55_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfssg2125pqru1052sxr2130qcm4490csra6640_firmwaresnapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwaresnapdragon_480_5g_mobile_platform_firmwareqfw7124qdu1010_firmwareqca6595au_firmwaresw5100p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca9377qca6797aqqcm4325_firmwarevision_intelligence_400_platformqca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_480\+_5g_mobile_platformsd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemsnapdragon_778g_5g_mobile_platform_firmwaresmart_audio_400_platform_firmwareqcn9012_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295probotics_rb5_platform_firmwareqcs8550snapdragon_x50_5g_modem-rf_system_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresd_675snapdragon_888\+_5g_mobile_platform_firmwaresd_8cxwsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareqdx1010Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-14574
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV starting at Unknown Symbol @ 0x0000000004940490."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14308
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.39%
||
7 Day CHG~0.00%
Published-11 Sep, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000006ddd."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-25545
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.19%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_m50cyp2ur208server_system_d50tnp2mfalacserver_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14299
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-11 Sep, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x000000000000384b."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14690
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-22 Sep, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000064e7."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14549
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .djvu file, related to a "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14562
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.39%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to an "Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-2905
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 23.85%
||
7 Day CHG~0.00%
Published-29 Sep, 2009 | 19:00
Updated-07 Aug, 2024 | 06:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.

Action-Not Available
Vendor-fedorahostedn/a
Product-newtn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-22297
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14580
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XnView Classic for Windows Version 2.41 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000870f."

Action-Not Available
Vendor-n/aXnView (XnSoft)Microsoft Corporation
Product-xnviewwindowsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.39%
||
7 Day CHG~0.00%
Published-11 Sep, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllGetClassObject+0x00000000000043e0."

Action-Not Available
Vendor-n/aSTDUtility
Product-stdu_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14279
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.39%
||
7 Day CHG~0.00%
Published-11 Sep, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000005643."

Action-Not Available
Vendor-n/aXnView (XnSoft)Microsoft Corporation
Product-xnviewwindowsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14898
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.40%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains fewer than 1 byte, a buffer overrun occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found