3787 matches found
CVE-2020-8720
CVE-2020-8720: Buffer overflow in the subsystem of Intel® Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to cause a denial of service via local access. Affected products include Intel® Server Boards S2600WT, S2600CW, S2600KP/TP families, S1200SP ...
CVE-2020-8714
The CVE-2020-8714 entry corresponds to an Intel advisory issue for Intel® Server Boards, Server Systems and Compute Modules, describing an improper authentication vulnerability that before firmware version 1.59 could permit an authenticated user to potentially escalate privileges via local access...
CVE-2020-8716
CVE-2020-8716 pertains to Intel® Server Boards, Server Systems and Compute Modules prior to firmware version 1.59, where improper access control could allow an authenticated local user to potentially cause a denial of service. The Intel advisory (Intel SA-00384) lists multiple related CVEs and up...
CVE-2020-8715
CVE-2020-8715 affects Intel® Server Boards, Server Systems and Compute Modules prior to version 1.59. An invalid pointer may allow an unauthenticated user to cause denial of service via local access. Intel advisory INTEL-SA-00384 documents this family, providing firmware updates to mitigate (upda...
CVE-2020-8729
CVE-2020-8729 corresponds to a buffer copy issue in Intel® Server Boards, Server Systems and Compute Modules prior to firmware version 1.59 that may allow an authenticated local user to escalate privileges. The Intel advisory INTEL-SA-00384 documents this family of vulnerabilities and lists CVE-2...
CVE-2020-8706
Responsive summary: CVE-2020-8706 is a buffer overflow in the daemon of Intel® Server Boards, Server Systems and Compute Modules prior to version 1.59 that may allow an unauthenticated user to escalate privileges via adjacent access. The issue affects multiple Intel product families (server board...
CVE-2020-8713
CVE-2020-8713 affects Intel® Server Boards, Server Systems and Compute Modules prior to firmware version 1.59, where improper authentication may let an unauthenticated user potentially escalate privileges via adjacent access. NVD reports a CVSS v3.1 base score of 8.8 (High) with ADJACENT attack v...
CVE-2020-8723
Cross-site scripting for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2020-8722
CVE-2020-8722 affects Intel Server Boards, Server Systems and Compute Modules, where a Buffer overflow in a subsystem before version 1.59 may allow a privileged user to escalate privileges via local access. Multiple connected sources (NVD entry, Red Hat advisory, and Intel’s Intel-SA-00384 adviso...
CVE-2020-8718
CVE-2020-8718: Buffer overflow in a subsystem of Intel® Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to escalate privileges via local access. Affected components are the Intel server hardware family; exploitation is local with low attack co...
CVE-2020-8721
CVE-2020-8721 describes improper input validation in Intel Server Boards, Server Systems and Compute Modules prior to firmware version 1.59, which may allow a privileged user to escalate privileges via local access. The issue affects Intel’s firmware for several server product families; the docum...
CVE-2020-8707
CVE-2020-8707 affects Intel Server Boards, Server Systems and Compute Modules. The issue is a buffer overflow in the daemon before version 1.59, which may allow an unauthenticated user to escalate privileges via adjacent access. Impact: potential privilege escalation. Affected products include In...
CVE-2020-8731
CVE-2020-8731 affects Intel® Server Boards, Server Systems and Compute Modules prior to firmware version 1.59. The issue is described as incorrect execution-assigned permissions in the file system, which may allow an authenticated user to escalate privileges via local access. Intel’s advisory (In...
CVE-2020-8730
CVE-2020-8730 affects Intel® Server Boards, Server Systems and Compute Modules. The issue is a heap-based overflow in firmware prior to version 1.59, which may allow an authenticated user to potentially escalate privileges via local access. Intel’s advisory confirms affected families (R1000WT/R20...
Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules
Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges. The recently patched flaw CVE-2020-8708 ranks 9.6 out of 10 on the CVSS...
SUSE-SU-2020:2200-1 Security update for google-compute-engine
This update for google-compute-engine fixes the following issues: - Do not add the created user to the adm CVE-2020-8903, docker CVE-2020-8907, or lxd CVE-2020-8933 groups if they exist bsc1173258. - Don't enable and start google-network-daemon.service when it's already installed bsc1169978...
Intel® Server Boards, Server Systems and Compute Modules Advisory
Summary: Potential security vulnerabilities in some Intel® Server Boards, Server Systems and Compute Modules may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-8708...
Huawei FusionCompute Information Disclosure Vulnerability (CNVD-2020-46462)
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An information disclosure vulnerability exists in Huawei FusionCompute version 8.0.0, which originates from the program failing t...
Huawei FusionCompute Information Disclosure Vulnerability (CNVD-2020-46464)
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An information disclosure vulnerability exists in Huawei FusionCompute version 8.0.0, which originates from the program failing t...
Cloudsplaining - An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example report Documentation For full documentation, please visit the project on ReadTheDocs. Installation Cheat sheet Example report Overview...