CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1061
https://notcve.org/view.php?id=CVE-2021-1061
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1059
https://notcve.org/view.php?id=CVE-2021-1059
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1057
https://notcve.org/view.php?id=CVE-2021-1057
NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4003
https://notcve.org/view.php?id=CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lead to information disclosure. Se detectó que VMware SD-WAN Orchestrator versiones 3.3.2 anteriores a 3.3.2 P3, versiones 3.4.x anteriores a 3.4.4 y versiones 4.0.x anteriores a 4.0.1, eran vulnerables a ataques de inyección SQL permitiendo una potencial divulgación de información. • http://www.vmware.com/security/advisories/VMSA-2020-0025.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3998
https://notcve.org/view.php?id=CVE-2020-3998
VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. ... VMware Horizon Client para Windows (versiones 5.x anteriores a 5.5.0), contiene una vulnerabilidad de divulgación de información. • https://www.vmware.com/security/advisories/VMSA-2020-0024.html •