Lucene search
K

9106 matches found

OSV
OSV
added 2023/02/16 8:15 p.m.6 views

CVE-2022-34153

Improper initialization in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/02/16 8:15 p.m.17 views

Input validation

Improper initialization in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

4.3CVSS7.8AI score0.00198EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/02/16 8:15 p.m.22 views

Input validation

Improper initialization in the IntelR TXT SINIT ACM for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

4CVSS6.6AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2023/02/16 7:59 p.m.90 views

CVE-2022-30704

The CVE-2022-30704 issue relates to improper initialization in the Intel TXT SINIT ACM for certain Intel processors. The underlying effect is a potential privilege escalation via local access by a privileged user. Documents specify the affected component as the Intel TXT SINIT ACM within BIOS/fir...

7.2CVSS6.6AI score0.00212EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/16 10:6 a.m.14 views

SUSE-SU-2023:0435-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Updated to version jdk-17.0.6.0+10: - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections bsc1207246. - CVE-2023-21843: Fixed soundbank URL remote loading bsc1207248. Bugfixes: - Avoid calling CGetInfo too early, before...

5.3CVSS5.1AI score0.01836EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/16 3:2 a.m.3 views

SUSE CVE-2022-46397

FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...

7.5CVSS7AI score0.0062EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.4 views

Intel Processors 安全漏洞

Intel Processors are U.S.-based Intel Corporation's offerings for interpreting computer instructions and processing data in computer software. A security vulnerability exists in the IntelR Processors BIOS firmware that originates from an incorrect initialization in the firmware and could allow a...

7.5CVSS7.1AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.6 views

PT-2023-13017 · Intel · Intel Txt Sinit Acm

Name of the Vulnerable Software and Affected Versions: IntelR TXT SINIT ACM for some IntelR Processors affected versions not specified Description: The issue is related to improper initialization in the IntelR TXT SINIT ACM for some IntelR Processors. This may allow a privileged user to potential...

7.2CVSS6.7AI score0.00212EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.17 views

Intel Processors 安全漏洞

Intel Processors are U.S.-based companies of Intel Corporation that provide for the interpretation of computer instructions and the processing of data in computer software. A security vulnerability exists in Intel Processors that originates from an incorrect initialization in the IntelR TXT SINIT...

7.2CVSS7.1AI score0.00212EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.3 views

SUSE CVE-2004-1392

PHP 4.0 with cURL functions allows remote attackers to bypass the openbasedir setting and read arbitrary files via a file: URL argument to the curlinit function...

5CVSS7.1AI score0.10394EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.4 views

SUSE CVE-2006-4514

Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...

7.5CVSS8.2AI score0.04065EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.2 views

SUSE CVE-2006-5749

The isdnpppccpresetallocstate function in drivers/isdn/isdnppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the inittimer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash...

1.7CVSS6.7AI score0.00355EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.2 views

SUSE CVE-2006-5754

The aiosetupring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service crash via an unspecified error path that causes an incorrect free operation...

4.9CVSS6.5AI score0.00395EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.1 views

SUSE CVE-2007-2525

Memory leak in the PPP over Ethernet PPPoE socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service memory consumption by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized...

4.9CVSS6.1AI score0.00405EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-2727

The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...

2.6CVSS7.1AI score0.0186EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.4 views

SUSE CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

5CVSS6.9AI score0.0176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.2 views

SUSE CVE-2007-3806

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...

6.8CVSS8.1AI score0.10744EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.3 views

SUSE CVE-2007-5471

libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service daemon exit via a GSS-TSIG request. NOTE: this issue probably affects other daemons that...

7.8CVSS6.9AI score0.02603EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.2 views

SUSE CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

7.5CVSS7AI score0.02222EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.3 views

SUSE CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

6.2CVSS7AI score0.00695EPSS
Exploits6References3
Rows per page
Query Builder