CVE-2024-23551

HCL BigFix Compliance (9.x–11.x) is affected by CVE-2024-23551 due to database scanning using a username/password that stores credentials in plaintext or encoded form on the endpoint. This can lead to unauthorized access and data exposure. Prior to a confirmed patch (not provided in the documents...

CVE-2024-30674

CVE-2024-30674 entry is rejected/not used and does not represent an active vulnerability.

CVE-2023-7006

The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the locks integrity...

Information disclosure

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVE-2023-0201

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVE-2023-24329

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...

CVE-2022-42281

NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

Information disclosure

NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVE-2022-42281

The CVE-2022-42281 entry involves the NVIDIA DGX A100 SBIOS FsRecovery vulnerability. A highly privileged local attacker could trigger an out-of-bounds write in SBIOS FsRecovery, potentially enabling code execution, DoS, integrity compromise, or information disclosure. NVIDIA’s security bulletin ...

CVE-2022-42281

NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVE-2022-31601

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

Information disclosure

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

Integer overflow

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and...

CVE-2022-31601

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVE-2022-31601

NVIDIA DGX A100 firmware vulnerability CVE-2022-31601 affects SBIOS in the SmbiosPei. A highly privileged local attacker may trigger an out-of-bounds write, potentially enabling code execution, denial of service, compromised integrity, and information disclosure. The issue is addressed in a NVIDI...

CVE-2022-31600

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and...

CVE-2022-29165

A flaw was found in the ArgoCD component of Red Hat GitOps, where an unauthenticated attacker can craft a malicious JWT token while ArgoCD's anonymous access is enabled and gains full access to the ArgoCD instance. This flaw allows the attacker to impersonate any ArgoCD user or role, fully...

CVE-2021-34401

NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPUIOCTLCHANNELSETERRORNOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service...

CVE-2021-34401

NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPUIOCTLCHANNELSETERRORNOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service...

Improper access control

NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAPIOCWRITE paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components...