CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0181 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0181
01 Apr 2023 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-276: Incorrect Default Permissions CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0180 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2023-0180
01 Apr 2023 — NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24485 – Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows
https://notcve.org/view.php?id=CVE-2023-24485
16 Feb 2023 — Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app. • https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-24483 – Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA
https://notcve.org/view.php?id=CVE-2023-24483
16 Feb 2023 — A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. • https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24484 – A malicious user can cause log files to be written to a directory that they do not have permission to write to.
https://notcve.org/view.php?id=CVE-2023-24484
16 Feb 2023 — A malicious user can cause log files to be written to a directory that they do not have permission to write to. • https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-27507 – Authenticated denial of service
https://notcve.org/view.php?id=CVE-2022-27507
24 Jan 2023 — Authenticated denial of service Denegación de servicio autenticada • https://support.citrix.com/article/CTX457048/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227507-and-cve202227508 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-27508 – Unauthenticated denial of service
https://notcve.org/view.php?id=CVE-2022-27508
24 Jan 2023 — Unauthenticated denial of service Denegación de servicio no autenticada • https://support.citrix.com/article/CTX457048/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227507-and-cve202227508 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-42255 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2022-42255
30 Dec 2022 — NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un acceso a la matriz fuera de los límites puede provocar Denegación de Servicio (DoS), divulgación de información o manipulación de datos. Multiple vulnerabilities have been discovered in NVI... • https://nvidia.custhelp.com/app/answers/detail/a_id/5415 • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2022-42260 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2022-42260
30 Dec 2022 — NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. NVIDIA vGPU Display Driver para los invitados de Linux contiene una vulnerabilidad en un archivo de configuración de D-Bus, donde un usuario no autorizado en la máquina virtual invitada puede afectar los endpoi... • https://nvidia.custhelp.com/app/answers/detail/a_id/5415 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-42261 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2022-42261
30 Dec 2022 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. NVIDIA vGPU software contiene una vulnerabilidad en Virtual GPU Manager (complemento vGPU), donde un índice de entrada no se valida, lo que puede provocar una saturación del búfer, lo que a su vez puede causar manipulación de datos, divulgación de información o Den... • https://nvidia.custhelp.com/app/answers/detail/a_id/5415 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •