Rockwell Automation FactoryTalk Services Platform 授权问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation, Inc. that consists of multiple products that provide applications with routine services such as diagnostic information, health monitoring, and real-time data access. A security vulnerabili...

CVE-2022-42878

Null pointer dereference for some IntelR Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access...

Intel NUC 代码问题漏洞

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in Intel NUC P14E Laptop Element software prior to version 1.1.44, which stems from the presence of an uncontrolled search path element that could allow an authenticated user to potentially enable...

Intel VTune Profiler 安全漏洞

Intel VTune Profiler is a performance testing tool for optimized software from Intel USA. The software performs performance testing of IoT embedded applications, media software, Java applications, and high-performance computing applications. A security vulnerability exists in versions prior to...

PT-2023-13904 · Intel · Intel Nuc Hdmi Firmware Update Tool

Name of the Vulnerable Software and Affected Versions: IntelR HDMI Firmware Update Tool for NUC versions prior to 1.79.1.1 Description: The issue is related to incorrect default permissions that may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2023-13004 · Intel · Intel Vroc

Name of the Vulnerable Software and Affected Versions: IntelR VROC software versions prior to 7.7.6.1003 Description: The issue is related to incorrect default permissions in the IntelR VROC software, which may allow an authenticated user to potentially enable escalation of privilege via local...

PT-2023-13771 · Intel · Intel Dcm

Name of the Vulnerable Software and Affected Versions: Intel DCM software versions prior to 5.0.1 Description: The issue concerns the exposure of a data element to the wrong session, potentially allowing an authenticated user to escalate privileges via local access. Recommendations: For versions...

CVE-2023-20098

A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory traversal character sequences within system commands. An attacker with administrative privileges could...

PT-2023-2530 · Cisco · Cisco Sdwan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SDWAN vManage Software affected versions not specified Description: A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This issue arises from improper...

PT-2023-2512 · Cisco · Cisco Industrial Network Director

Name of the Vulnerable Software and Affected Versions: Cisco Industrial Network Director affected versions not specified Description: A vulnerability in the Cisco Industrial Network Director could allow an authenticated, local attacker to read application data due to insufficient default file...

GLPI Activity 信息泄露漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

CVE-2023-20029

A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attack...

CVE-2023-20097

A vulnerability in Cisco access points AP software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker...

CVE-2023-25536

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover...

PT-2023-20146 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS version 9.4.0.x Description: The issue concerns exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this in certificate management, leading to a...

CVE-2023-20015

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input...

UBUNTU-CVE-2022-34841

Improper buffer restrictions in the IntelR Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-37329

Uncontrolled search path in some IntelR QuartusR Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-34153

Improper initialization in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-33892

Path traversal in the IntelR Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access...