CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

402 matches found

CVE•added 2026/02/10 4:25 p.m.•21 views

CVE-2025-27708

The CVE-2025-27708 entry describes an out-of-bounds read in Intel CSME firmware (Ring 0) that may allow information disclosure. A local attacker with privileged user rights and high attack complexity could expose data without user interaction, with confidentiality impact High and no integrity/ava...

5.6CVSS5.3AI score0.00099EPSS

Exploits0References1

Positive Technologies•added 2026/02/10 12:0 a.m.•6 views

PT-2026-7295

Name of the Vulnerable Software and Affected Versions IntelR Converged Security and Management Engine CSME Firmware FW affected versions not specified Description An out-of-bounds read issue exists in the firmware within Ring 0: Kernel, potentially allowing information disclosure. A system softwa...

5.6CVSS5.2AI score0.00099EPSS

Exploits0References6

CNNVD•added 2026/02/10 12:0 a.m.•8 views

Intel Converged Security and Management Engine（CSME）缓冲区错误漏洞

The Intel Converged Security and Management Engine CSME is a security management engine developed by Intel Corporation in the United States. The Intel Converged Security and Management Engine Firmware contains a buffer overflow vulnerability, which stems from out-of-bounds reads, potentially...

5.6CVSS6.1AI score0.00099EPSS

Exploits0References1

Vulnrichment•added 2026/01/13 1:15 a.m.•3 views

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS6.1AI score0.00122EPSS

Exploits0References2

Cvelist•added 2026/01/13 1:15 a.m.•26 views

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

3CVSS0.00122EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:12 a.m.•8 views

CVE-2019-11131

Logic issue in subsystem in IntelR AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access...

9.8CVSS7.4AI score0.01792EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:10 a.m.•6 views

CVE-2019-11097

Improper directory permissions in the installer for IntelR Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of...

7.8CVSS7.1AI score0.0031EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:57 a.m.•9 views

CVE-2020-12608

An issue was discovered in SolarWinds MSP PME Patch Management Engine Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the...

9.3CVSS7.4AI score0.22404EPSS

Exploits4References1

UbuntuCve•added 2025/12/30 12:15 p.m.•4 views

CVE-2022-50784

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456...

5.7AI score0.00155EPSS

Exploits0References5

Positive Technologies•added 2025/12/30 12:0 a.m.•4 views

PT-2025-53924

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's iwlwifi component related to the mei driver. Specifically, a potential NULL pointer dereference can occur after an attempt to clone an SKB Socket Buff...

6.4AI score0.00155EPSS

Exploits0References8