| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption may occur due to improper input validation in clock device. |
| Memory corruption may occur while validating ports and channels in Audio driver. |
| Memory corruption may occur during communication between primary and guest VM. |
| Memory corruption may occur while accessing a variable during extended back to back tests. |
| Memory corruption in display driver while detaching a device. |
| Memory corruption may occur while processing message from frontend during allocation. |
| Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. |
| Memory corruption while processing input message passed from FE driver. |
| Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. |
| Memory corruption may occur in keyboard virtual device due to guest VM interaction. |
| Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. |
| Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. |
| Memory corruption while calling the NPU driver APIs concurrently. |
| IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying the integrity of the code. |
| VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. |
| VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. |
| Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
| Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) |
| Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
| Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium) |
