CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-25517
https://notcve.org/view.php?id=CVE-2023-25517
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5468 • CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 11%CPEs: 1EXPL: 0CVE-2023-20889 – VMware Aria Operations for Networks exportPDF Code Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-20889
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure. This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware Aria Operations for Networks. • https://www.vmware.com/security/advisories/VMSA-2023-0012.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-20884
https://notcve.org/view.php?id=CVE-2023-20884
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure. • https://www.vmware.com/security/advisories/VMSA-2023-0011.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-20870 – VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-20870
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://www.vmware.com/security/advisories/VMSA-2023-0008.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0198
https://notcve.org/view.php?id=CVE-2023-0198
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •