Lucene search
K

111 matches found

CVE
CVE
added 2021/11/17 6:56 p.m.49 views

CVE-2021-33089

CVE-2021-33089 affects the Intel NUC HDMI Firmware Update Tool for NUC8i3BE/NUC8i5BE/NUC8i7BE. The root cause is improper access control in the software installer, which may allow an authenticated local user to escalate privileges. Impact is described as privilege escalation with high confidentia...

7.8CVSS7.8AI score0.00238EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/17 6:55 p.m.34 views

CVE-2021-0096

CVE-2021-0096 concerns the Intel NUC HDMI Firmware Update Tool. The issue is described as improper authentication in the software installer for NUC7i3DN, NUC7i5DN, and NUC7i7DN before version 1.78.1.1, potentially allowing a locally authenticated user to escalate privileges. The Red Hat and Intel...

7.8CVSS7.9AI score0.00227EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.6 views

The vulnerability of the software installer for Intel Optane DC Persistent Memory, which allows a hacker to enhance their privileges.

The vulnerability of the software installer for Intel Optane DC Persistent Memory, which operates on non-volatile memory, is related to improper handling of the search path. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS7.2AI score0.00273EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.11 views

The vulnerability of the installer of Intel Smart Connect Technology allows a perpetrator to enhance their privileges.

The vulnerability of the Intel Smart Connect Technology software installer is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.3CVSS7.2AI score0.00294EPSS
Exploits0References2
Prion
Prion
added 2019/10/11 6:15 p.m.16 views

Input validation

Improper file permission in software installer for IntelR Smart Connect Technology for IntelR NUC may allow an authenticated user to potentially enable escalation of privilege via local access...

4.6CVSS7.8AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2019/10/11 5:57 p.m.106 views

CVE-2019-11167

CVE-2019-11167 affects Intel Smart Connect Technology for Intel NUC. Root cause: improper file permissions in the software installer, enabling an authenticated local user to escalate privileges via local access. According to the Intel advisory, the vendor does not provide patches and recommends u...

7.8CVSS7.7AI score0.00294EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/11 5:57 p.m.18 views

CVE-2019-11167

Improper file permission in software installer for IntelR Smart Connect Technology for IntelR NUC may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8AI score0.00294EPSS
Exploits0References1
Prion
Prion
added 2019/08/19 5:15 p.m.21 views

Input validation

Improper permissions in the software installer for IntelR Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

4.6CVSS6.8AI score0.00354EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/19 4:13 p.m.79 views

CVE-2019-11143

Summary : CVE-2019-11143 affects Intel® Authenticate prior to 3.8 due to improper permissions in the software installer, which could allow an authenticated local user to escalate privileges. Intel specifies updates to 3.8 or later as remediation. Other sources (Red Hat, CNVD, CNVD-derived listing...

6.7CVSS6.7AI score0.00354EPSS
Exploits0References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/02/18 12:0 a.m.139 views

JVN#50810870: Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries

Installer of Creative Cloud Desktop Application provided by Adobe contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...

7.8CVSS7.7AI score0.03279EPSS
Exploits0
CNVD
CNVD
added 2018/09/14 12:0 a.m.6 views

Intel Data Center Migration Center Software software installer DLL injection vulnerability

Intel Data Center Migration Center Software is a set of data center migration software from Intel Corporation in the U.S. The software installer is its installer. A DLL injection vulnerability exists in the software installer in Intel Data Center Migration Center Software 3.1 and earlier versions...

5.3CVSS5.8AI score0.00432EPSS
Exploits0References1
NVD
NVD
added 2018/09/12 7:29 p.m.15 views

CVE-2018-12160

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...

5.3CVSS5.5AI score0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/09/12 7:0 p.m.19 views

CVE-2018-12160

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...

5.5AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2018/09/12 7:0 p.m.71 views

CVE-2018-12160

CVE-2018-12160 is a DLL injection vulnerability in Intel Data Center Migration Center Software installer (v3.1 and earlier). The issue allows an authenticated local user to execute code with default directory permissions due to improper installer permissions. Affected product/versions: Intel Data...

5.3CVSS5.4AI score0.00432EPSS
Exploits0References1Affected Software1
CERT
CERT
added 2017/07/20 12:0 a.m.541 views

Inmarsat AmosConnect8 Mail Client Vulnerable to SQL Injection and Backdoor Account

Overview Inmarsat Solutions offers a shipboard email client service, AmosConnect 8 AC8, which was designed to be utilized over satellite networks in a highly optimized manner. IOActive has identified two security vulnerabilities in the client software: On-board ship network access could provide...

10CVSS10AI score0.07413EPSS
Exploits0References5
CVE
CVE
added 2017/04/28 4:0 p.m.49 views

CVE-2017-2149

The CVE-2017-2149 issue is an Untrusted search path vulnerability in Toshiba memory card installers, enabling a Trojan horse DLL to be loaded from an unspecified directory and allowing code execution with user privileges. Affected software includes several FlashAir/TransferJet related tools and c...

9.3CVSS8.8AI score0.0299EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/11/03 12:0 a.m.4 views

J-LIS The Public Certification Service for Individuals 'The JPKI user's software' Arbitrary Code Execution Vulnerability

J-LIS The Public Certification Service for Individuals "The JPKI user's software" is a set of public certification service software for individuals based on the PKI Public Key Infrastructure platform from Japan Agency for Local Authority Information Systems J-LIS. The JPKI user's software" is a...

9.3CVSS7.3AI score0.01829EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2014/06/15 9:1 p.m.12 views

DeviantArt Malwaretising Campaigns lead to Potentially Unwanted Apps

Today, the estimated number of known computer threats like viruses, worms, backdoors, exploits, Trojans, spyware, password stealer, and other variants of potentially unwanted software range into millions. It has the capability to create several different forms of itself dynamically in order to...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2010/07/18 12:0 a.m.75 views

[security bulletin] HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02282377 Version: 2 HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery CSRF NOTICE: The information in...

6.8CVSS0.6AI score0.00936EPSS
Exploits0
NVD
NVD
added 2010/07/15 12:57 p.m.30 views

CVE-2010-1971

Cross-site request forgery CSRF vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968...

6.8CVSS7AI score0.00936EPSS
Exploits0References4
Rows per page
Query Builder