CVE-2021-0055

Insecure inherited permissions for some IntelR NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-24473

Out of bounds write in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access...

DEBIAN-CVE-2020-24489

Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access...

DEBIAN-CVE-2020-24513

Domain-bypass transient execution vulnerability in some Intel AtomR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2020-24513

Domain-bypass transient execution vulnerability in some Intel AtomR Processors may allow an authenticated user to potentially enable information disclosure via local access...

hw: vt-d related privilege escalation

A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...

hw: information disclosure on some Intel Atom processors

A potential domain bypass transient execution vulnerability was discovered on some Intel Atom® processors that uses a microarchitectural incidental channel. Currently this channel can reveal supervisor data in the L1 cache and the contents of recent stores. As a consequence, this issue may allow ...

Intel Unite 安全漏洞

Intel Unite is an enterprise meeting collaboration solution from Intel Corporation USA. A security vulnerability exists in Intel Unite 4.2.25031, which stems from incorrect access control that could allow authenticated users to enable privilege escalation via local access...

Intel Unite 代码问题漏洞

Intel Unite is a suite of enterprise meeting collaboration solutions from Intel Corporation. A security vulnerability exists in Intel UniteR Client versions prior to 4.2.25031, which stems from an uncontrolled search path that could allow authenticated users to potentially enable privilege...

UBUNTU-CVE-2020-24489

Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-1536

A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this...

Cisco SD-WAN Software 安全漏洞

Cisco SD-WAN is a highly secure cloud-scale architecture that is open, programmable, and scalable from Cisco USA. A security vulnerability exists in the Cisco SD-WAN Software that allows an authenticated, local attacker to gain elevated privileges on an affected system...

CVE-2021-1306

A vulnerability in the restricted shell of Cisco Evolved Programmable Network EPN Manager, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is du...

Dell Wyse Management Suite 安全漏洞

Wyse Management Suite is a scalable solution for managing and optimizing Wyse endpoints from Dell, USA. The product includes features such as centralized management of Wyse endpoints, asset tracking and automated device discovery. A security vulnerability exists in Wyse Management Suite in Dell,...

CVE-2021-1447

A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An...

CVE-2021-1421

A vulnerability in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration command. An attacker could...

CVE-2021-1430

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execut...

Cisco AnyConnect Secure Mobility Client for Windows 代码问题漏洞

Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. A security vulnerability exists in Cisco AnyConnect Secure Mobility Client for Windows that could allow an...

PT-2021-3256 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software affected versions not specified Description: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected...

PT-2021-2834 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the upgrade process could allow an authenticated, local attacker to inject commands...