A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX....
6.5CVSS
6.6AI Score
0.001EPSS
A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...
5.9CVSS
5.8AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...
7.2CVSS
7.4AI Score
0.002EPSS
Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent...
8CVSS
7.8AI Score
0.0004EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent...
3.5CVSS
4.8AI Score
0.0004EPSS
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the....
5.3CVSS
5.4AI Score
0.001EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent...
8CVSS
7.8AI Score
0.0004EPSS
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local...
4.4CVSS
4.3AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5CVSS
6.9AI Score
0.001EPSS
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network...
8.6CVSS
7.4AI Score
0.001EPSS
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local...
5.5CVSS
5AI Score
0.0004EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused...
7CVSS
6.9AI Score
0.0004EPSS
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local...
6.5CVSS
6.3AI Score
0.001EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.5CVSS
6.2AI Score
0.0004EPSS
Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local...
5.5CVSS
5AI Score
0.001EPSS
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped...
5.5CVSS
6.2AI Score
0.0004EPSS
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
6.5CVSS
6.9AI Score
0.001EPSS
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there....
9.8CVSS
10AI Score
0.106EPSS
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local...
5.5CVSS
5.8AI Score
0.0004EPSS
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical...
6.8CVSS
6.8AI Score
0.001EPSS
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical...
2.4CVSS
4AI Score
0.001EPSS
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.2AI Score
0.0005EPSS
Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
6.7CVSS
6.3AI Score
0.0004EPSS
Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
7.8CVSS
7.4AI Score
0.0004EPSS
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP...
7.8CVSS
7.7AI Score
0.001EPSS
The function OCSP_basic_verify verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is...
5.3CVSS
6.8AI Score
0.002EPSS
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the.....
9.8CVSS
10AI Score
0.106EPSS
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will....
7.5CVSS
8AI Score
0.003EPSS
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0...
5.9CVSS
7.1AI Score
0.001EPSS
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit...
9.1CVSS
7.3AI Score
0.003EPSS
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information...
4.6CVSS
4.4AI Score
0.001EPSS
Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...
6.2CVSS
6.4AI Score
0.0004EPSS
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...
6.6CVSS
6.5AI Score
0.0004EPSS
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.9AI Score
0.0004EPSS
Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical...
6.6CVSS
6.6AI Score
0.0004EPSS
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local...
4.4CVSS
4.6AI Score
0.0004EPSS
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local...
4.4CVSS
4.6AI Score
0.0004EPSS
NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source...
7.5CVSS
7.2AI Score
0.001EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS