680 Security Vulnerabilities

CVE-2021-29218

A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of...

CVE-2021-34400

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information...

CVE-2021-1125

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program...

CVE-2021-23219

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information...

CVE-2021-1105

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information...

CVE-2021-1088

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information...

CVE-2021-23217

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or...

CVE-2021-34399

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information...

CVE-2021-20107

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

CVE-2021-3438

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of...

CVE-2020-7205

A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. Note: This vulnerability is related to using insmod.....

CVE-2019-11136

Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information...

CVE-2019-11137

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially...

CVE-2007-4213

Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than...