Page 444 of 45876 results (0.069 seconds)

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the hgfsVMCI_fileread function. The issue results from the lack of proper initialization of memory prior to accessing it.An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the UrbBuf_getDataBuf function. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of hypervisor. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.6EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workstation. ... An attacker can leverage this vulnerability to execute code in the context of the hypervisor. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 •

CVSS: 9.3EPSS: 0%CPEs: -EXPL: 0

A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. ... An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the VBluetoothHCI_PacketOut method. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 •

CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0

There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. • https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks https://nuki.io/en/security-updates https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2 https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options • CWE-121: Stack-based Buffer Overflow •