76 matches found
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
EUVD-2025-14548
Malicious code in bioql PyPI...
CVE-2024-21828
Improper access control in some IntelR Ethernet Controller Administrative Tools software before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-33058
Improper access control in the installer IntelRAdministrative Tools for IntelR Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access...
CVE-2019-0159
Insufficient memory protection in the Linux Administrative Tools for IntelR Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
CVE-2025-20104 describes a race condition in Intel Network Adapters software, specifically affecting Intel Network Adapters package and Administrative Tools for Intel Network Adapters before version 29.4. The underlying issue allows an authenticated local user to potentially escalate privileges. ...
CVE-2024-21828
Improper access control in some IntelR Ethernet Controller Administrative Tools software before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
PT-2024-10051 · Intel · Intel Ethernet Controller Administrative Tools
Name of the Vulnerable Software and Affected Versions: IntelR Ethernet Controller Administrative Tools versions prior to 28.3 Description: The issue is related to improper access control in the IntelR Ethernet Controller Administrative Tools software. This may allow an authenticated user to...
Updates for Skype for Business Server 2019 (KB4470124)
Updates for Skype for Business Server 2019 KB4470124 This article specifies the applicability of Microsoft Skype for Business Server 2019 updates for each server role. Note: Skype for Business Server 2019, August 2025 update includes critical security updates for the Skype meetings application...
CVE-2022-27808
Insufficient control flow management in some IntelR Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access...
Design/Logic Flaw
Insufficient control flow management in some IntelR Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-27808
Insufficient control flow management in some IntelR Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-27808
Affected software : Intel® Ethernet Controller Administrative Tools drivers for Windows (pre-1.5.0.2). Root cause : Insufficient control flow management within the affected drivers. Impact : An authenticated user with local access may potentially escalate privileges. Evidence : CVE-2022-27808 des...
CVE-2022-41266
Due to a lack of proper input validation, SAP Commerce Webservices 2.0 Swagger UI - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting XSS attack. As a result, an attacker may be able t...
CVE-2022-41266
Due to a lack of proper input validation, SAP Commerce Webservices 2.0 Swagger UI - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting XSS attack. As a result, an attacker may be able t...
CVE-2021-33059
Improper input validation in the IntelR Administrative Tools for IntelR Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2021-33059
Improper input validation in the IntelR Administrative Tools for IntelR Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2021-33058
Improper access control in the installer IntelRAdministrative Tools for IntelR Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access...