| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output. |
| Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. |
| Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. |
| A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM. |
| Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system access. |
| Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. |
| Visual Studio Elevation of Privilege Vulnerability |
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability |
| Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service. |
| Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine. |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.
|
| There is an elevation of privilege vulnerability in server
and client components of Absolute Secure Access prior to version 13.07.
Attackers with local access and valid desktop user credentials can elevate
their privilege to system level by passing invalid address data to the vulnerable
component. This could be used to
manipulate process tokens to elevate the privilege of a normal process to
System. The scope is changed, the impact to system confidentiality and
integrity is high, the impact to the availability of the effected component is
none. |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering. |
