Page 2 of 37 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador del modo kernel invitado y el Virtual GPU Manager (plugin vGPU), en el que la longitud de la entrada no es comprobada,... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador de modo de kernel invitado y el administrador de Virtual GPU (plugin vGPU), en el que la long... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0

08 Jan 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador del modo kernel invitado y en el plugin vGPU, en el que un índice de entrada no es comprobado, lo que puede conllevar a una alteración de los datos o a una denegación d... • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0

08 Jan 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador del modo kernel invitado y en el plugin vGPU, en el que el tamaño de los datos de entrada no es comprobado, lo que puede conllevar a una alteración de los datos o a... • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0

11 Feb 2015 — Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability." Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 no valida correctamente los roles de los usuarios, lo que permite a usuarios locales ... • http://www.securityfocus.com/bid/72473 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1

23 Jul 2004 — Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." La máquina virtual (VM) Java de Microsoft 5.0.0.3810 permite a atacantes remotos saltarse restricciones de la caja de arena o escribir ciertos datos entre applets de diferentes dominios mediante órdenes "GET/Key" y "PUT/Key/Value". Vulnerabilidad también conocidad como ... • http://marc.info/?l=bugtraq&m=108948405808522&w=2 •

CVSS: 9.8EPSS: 26%CPEs: 11EXPL: 1

15 Apr 2003 — The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise." El componente Verificador de ByteCode de la Máquina Virtual (VW) de Microsoft compilación 5.0.3809 y anteriores, usada en en Windows y en Internet Explorer, permite a atacantes remotos eludir comprobaciones de s... • https://www.exploit-db.com/exploits/22027 •

CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 0

14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user. La implementación de Java de Microsoft, como la usada en Internet Explorer, permite a atacantes remotos robar cookies y ejecutar script en un contexto de ... • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •

CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0

14 Nov 2002 — Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •

CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0

14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •