Lucene search
+L

253 matches found

CNNVD
CNNVD
added 2022/11/09 12:0 a.m.6 views

多款Intel产品代码问题漏洞

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

8.6CVSS7.3AI score0.00654EPSS
Exploits0References4
OSV
OSV
added 2022/02/09 11:15 p.m.6 views

CVE-2021-0060

Insufficient compartmentalization in HECI subsystem for the IntelR SPS before versions SPSE504.01.04.516.0, SPSE504.04.04.033.0, SPSE504.04.03.281.0, SPSE503.01.03.116.0, SPSE305.01.04.309.0, SPS02.04.00.101.0, SPSSoC-A05.00.03.114.0, SPSSoC-X04.00.04.326.0, SPSSoC-X03.00.03.117.0,...

6.6CVSS6.6AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 2021/06/09 8:15 p.m.35 views

CVE-2021-0132

Missing release of resource after effective lifetime in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

4.9CVSS0.00825EPSS
Exploits0References1
OSV
OSV
added 2021/06/09 8:15 p.m.4 views

CVE-2021-0131

Use of cryptographically weak pseudo-random number generator PRNG in an API for the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access...

6.5CVSS5.8AI score0.0081EPSS
Exploits0References1
NVD
NVD
added 2021/06/09 8:15 p.m.22 views

CVE-2021-0131

Use of cryptographically weak pseudo-random number generator PRNG in an API for the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access...

6.5CVSS0.0081EPSS
Exploits0References1
NVD
NVD
added 2021/06/09 8:15 p.m.33 views

CVE-2021-0133

Key exchange without entity authentication in the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access...

8.1CVSS0.0085EPSS
Exploits0References1
NVD
NVD
added 2021/06/09 8:15 p.m.31 views

CVE-2021-0134

Improper input validation in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

4.9CVSS0.00825EPSS
Exploits0References1
OSV
OSV
added 2021/06/09 8:15 p.m.4 views

CVE-2021-0133

Key exchange without entity authentication in the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access...

8.1CVSS5.8AI score0.0085EPSS
Exploits0References1
OSV
OSV
added 2021/06/09 8:15 p.m.6 views

CVE-2021-0132

Missing release of resource after effective lifetime in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

4.9CVSS5.8AI score0.00825EPSS
Exploits0References1
Prion
Prion
added 2021/06/09 8:15 p.m.27 views

Authentication flaw

Key exchange without entity authentication in the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access...

5.5CVSS8.3AI score0.0085EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/06/09 8:15 p.m.31 views

Input validation

Improper input validation in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

4CVSS5AI score0.00825EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/06/09 8:15 p.m.18 views

Information disclosure

Use of cryptographically weak pseudo-random number generator PRNG in an API for the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access...

4CVSS6.2AI score0.0081EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/06/09 8:15 p.m.2 views

CVE-2021-0051

Improper input validation in the IntelR SPS versions before SPSE504.04.04.023.0, SPSE504.04.03.228.0 or SPSSoC-A05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS5.3AI score0.0023EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/06/09 7:10 p.m.34 views

CVE-2021-0134

Improper input validation in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

5.3AI score0.00825EPSS
Exploits0References1
CVE
CVE
added 2021/06/09 7:10 p.m.79 views

CVE-2021-0131

The CVE-2021-0131 issue is documented across multiple sources as a vulnerability in the Intel® Security Library prior to version 3.3, caused by the use of a cryptographically weak pseudo-random number generator (PRNG). An authenticated user could potentially disclose information over the network ...

6.5CVSS6.2AI score0.0081EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/09 7:10 p.m.32 views

CVE-2021-0132

Missing release of resource after effective lifetime in an API for the IntelR Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access...

5.3AI score0.00825EPSS
Exploits0References1
CVE
CVE
added 2021/06/09 7:10 p.m.92 views

CVE-2021-0132

The CVE-2021-0132 entry concerns the Intel® Security Library prior to version 3.3, where a missing release of resources after their effective lifetime in an API may let a privileged user cause a denial of service over the network. Affected products include Intel Security Library components used i...

4.9CVSS4.9AI score0.00825EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/06/09 7:10 p.m.90 views

CVE-2021-0133

The CVE-2021-0133 issue affects Intel® Security Library prior to 3.3. It is caused by a key exchange that is not entity-authenticated, which may allow an authenticated user to escalate privileges via network access. Documents consistently identify the vulnerable component as the Intel Security Li...

8.1CVSS8.3AI score0.0085EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/09 7:10 p.m.36 views

CVE-2021-0133

Key exchange without entity authentication in the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access...

8.6AI score0.0085EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/06/09 1:45 a.m.83 views

Important: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8CVSS6.6AI score0.00472EPSS
Exploits0References5
Rows per page
Query Builder