CVE-2019-2312

CVE-2019-2312 describes a potential buffer overflow in vendor command handling due to insufficient input validation on data buffers across Snapdragon platforms ( Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, S...

Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution

A flaw impacting millions of mobile and internet of things IoT devices running NVIDIA’s Tegra processor opens the door for a variety of attacks, including device hijacking or siphoning of data. The warning comes from researcher Triszka Balázs, who discovered the flaw and asserts that the bug...

Intel Chipset Device Software Elevation of Privilege Vulnerability

Intel Chipset Device Software is a chipset firmware update utility from Intel Corporation USA. A security vulnerability exists in the installer in Intel Chipset Device Software INF Update Utility versions prior to 10.1.1.45. A local attacker can exploit the vulnerability to elevate privileges...

The vulnerability of the i5100_init_one handler in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the i5100initone implementation drivers/edac/i5100edac.ko in the Linux kernel is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by disabling ADDI-DATA GmbH communication cards with the identifier PCIDEVICEIDINTEL510019...

The vulnerability of the Intel Chipset Device installation program lies in its insecure handling of privileges, allowing an attacker to escalate their privileges.

The vulnerability of the Intel Chipset Device installation program is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

Design/Logic Flaw

Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...

CVE-2019-0128

Improper permissions in the installer for IntelR Chipset Device Software INF Update Utility before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access...

Input validation

Improper permissions in the installer for IntelR Chipset Device Software INF Update Utility before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access...

CVE-2019-0128

Improper permissions in the installer for IntelR Chipset Device Software INF Update Utility before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access...

CVE-2019-0128

Improper permissions in the installer for IntelR Chipset Device Software INF Update Utility before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access...

CVE-2019-0128

CVE-2019-0128 affects Intel Chipset Device Software (INF Update Utility) before version 10.1.1.45. The root cause is improper permissions in the installer, allowing an authenticated user to escalate privileges via local access. Reported impact is local elevation of privileges with partial confide...

Microsoft HoloLens Remote Code Execution Vulnerabilities

Executive Summary Microsoft is aware of vulnerabilities that affect the Broadcom wireless chipset included in the Microsoft HoloLens device. The vulnerabilities could allow an unauthenticated attacker in physical proximity to cause a denial of service condition or execute code on a target system...

PT-2019-2464 · Intel · Intel Chipset Device

Name of the Vulnerable Software and Affected Versions: IntelR Chipset Device Software INF Update Utility versions prior to 10.1.1.45 Description: The issue is related to improper permissions in the installer, which may allow an authenticated user to escalate privileges via local access. This is d...

Intel® Chipset Device Software (INF Update Utility) Advisory

Summary: A potential security vulnerability in the Intel® Chipset Device Software INF Update Utility may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-0128 Description: Improper permissions in th...

Intel Chipset Device Software Vulnerability - Lenovo Support US

No description provided...

Intel Chipset Device Software Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-27840 Potential Impact: Privilege escalation Severity: Low Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0128 Summary Description: A potential security vulnerability in the Intel Chipset Device Software INF Update Utility may allow escalation of privilege...

CVE-2018-4029

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution...

CVE-2018-4028

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...

CVE-2018-4029

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution...

CVE-2018-4028

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...