Lucene search
K

121 matches found

CNNVD
CNNVD
added 2022/11/04 12:0 a.m.3 views

Nokia ASIK AirScale 5G Common System Module 安全漏洞

The Nokia ASIK AirScale 5G Common System Module is a common system unit from Nokia of Finland. A security vulnerability exists in the Nokia ASIK AirScale 5G Common System Module, which arises from incorrect access control of its volatile memory containing boot code that could allow an attacker to...

8.8CVSS8.7AI score0.00207EPSS
Exploits0References3
OSV
OSV
added 2022/07/26 10:15 p.m.2 views

CVE-2022-31207

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

9.8CVSS6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.10 views

CVE-2022-31207

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

9.8CVSS7.6AI score0.00733EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/04/22 9:15 p.m.5 views

CVE-2021-4210

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code...

7.2CVSS7AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2022/02/18 6:15 p.m.2 views

DEBIAN-CVE-2021-3947

A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvmechangednslist where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw leading to disclosure of sensitive information...

5.5CVSS6.5AI score0.00312EPSS
Exploits1References1
Kitploit
Kitploit
added 2022/02/14 11:30 a.m.28 views

Autotimeliner - Automagically Extract Forensic Timeline From Volatile Memory Dump

Automagically extract forensic timeline from volatile memory dumps. Requirements Python 3 Volatility mactime from SleuthKit Developed and tested on Debian 9.6 with Volatility 2.6-1 and sleuthkit 4.4.0-5 How it works AutoTimeline automates this workflow: Identify correct volatility profile for the...

7.2AI score
Exploits0References2
OSV
OSV
added 2021/06/14 7:15 p.m.2 views

CVE-2021-21555

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service...

6.7CVSS6.2AI score0.00314EPSS
Exploits0References1
Prion
Prion
added 2021/06/08 5:15 p.m.8 views

Design/Logic Flaw

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...

3.6CVSS5.9AI score0.00222EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/08 4:58 p.m.14 views

CVE-2021-32015

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...

6.1AI score0.00222EPSS
Exploits0References1
Lenovo
Lenovo
added 2021/06/08 2:44 p.m.32 views

Nuvoton TPM 1.2 Vulnerability - Lenovo Support US

No description provided...

6CVSS6AI score0.00222EPSS
Exploits0
NVD
NVD
added 2020/04/28 8:15 p.m.20 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5CVSS5.5AI score0.00246EPSS
Exploits0References1
OSV
OSV
added 2020/04/28 8:15 p.m.4 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5CVSS5.8AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/28 7:11 p.m.23 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5AI score0.00246EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.35 views

FreeBSD : FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking (b2b83761-6a09-11ea-92ab-00163e433440)

The driver-specific ioctl2 command handlers in ixl4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact : The ixl4 handler permits unprivileged users to trigger updates to the device's non-volatile memory NVM. C Tenable Network Security, Inc...

5.5CVSS5.7AI score0.00246EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisory
added 2020/03/19 12:0 a.m.7 views

FreeBSD-SA-20:06.if_ixl_ioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:06.ifixlioctl Security Advisory The FreeBSD Project Topic: Insufficient ixl4 ioctl2 privilege checking Category: core Module: ixl4 Announced: 2020-03-19...

5.5CVSS6.2AI score0.00246EPSS
Exploits0
OSV
OSV
added 2019/06/18 7:15 p.m.4 views

CVE-2017-8335

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM Non-volatile RAM. It seems that the POST parameters passed in thi...

8CVSS6AI score0.02077EPSS
Exploits1References3
CNVD
CNVD
added 2018/11/07 12:0 a.m.2 views

QEMU NVM Express Controller Heap Buffer Overflow Vulnerability

QEMU is a suite of analog processor software developed by French programmer Fabrice Bellard.NVM Express Controller is one of the NVMe Non-Volatile Memory Host Controller Interface Specification controller components. The NVM Express Controller emulation in QEMU suffers from a heap buffer overflow...

7.8CVSS7AI score0.00542EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/09/13 12:27 p.m.64 views

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers...

0.7AI score
Exploits0
NVD
NVD
added 2017/11/16 10:29 p.m.19 views

CVE-2017-9701

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory...

7.5CVSS7.3AI score0.00412EPSS
Exploits0References1
Prion
Prion
added 2017/11/16 10:29 p.m.12 views

Design/Logic Flaw

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory...

5CVSS7.2AI score0.00412EPSS
Exploits0References1
Rows per page
Query Builder