CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21989 – VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21989
24 May 2021 — VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (TTC Parser). Un actor malicioso con acceso a una máquina virtual o un escritorio remoto puede ser capaz de explotar estos problemas conllevando a una divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Window... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21988 – VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21988
24 May 2021 — VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (JPEG2000 Parser). Un actor malicioso con acceso a una máquina virtual o escritorio remoto puede explotar estos problemas que conllevan a una divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows This vu... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21987 – VMware Workstation ThinPrint TTCHeader Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21987
24 May 2021 — VMware Workstation (16.x versiones anteriores a 16.1.2) y Horizon Client para Windows (5.x versiones anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (TTC Parser). Un actor malicioso con acceso a una máquina virtual o escritorio remoto puede explotar estos problemas que conllevan a la divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows This vulnerab... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1086
https://notcve.org/view.php?id=CVE-2021-1086
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-863: Incorrect Authorization •
CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1085
https://notcve.org/view.php?id=CVE-2021-1085
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1084
https://notcve.org/view.php?id=CVE-2021-1084
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1083
https://notcve.org/view.php?id=CVE-2021-1083
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-1081
https://notcve.org/view.php?id=CVE-2021-1081
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1082
https://notcve.org/view.php?id=CVE-2021-1082
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1080
https://notcve.org/view.php?id=CVE-2021-1080
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •