24 matches found
EUVD-2023-57442
Malicious code in bioql PyPI...
CVE-2022-46299
Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2022-21128
Insufficient control flow management in the IntelR Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access...
Insufficient Control Flow Management
Vyper is vulnerable to Insufficient Control Flow Management. The vulnerability is due to improper handling of iterator expressions in for loops due to the ability of iterators to consume side effects produced in the loop body, potentially leading to unexpected program behavior...
Zoom Client < 5.16.0 Multiple Vulnerabilities (ZSB-23047, ZSB-23049, ZSB-23050, ZSB-23051, ZSB-23052, ZSB-23055) - Windows
The Zoom Client is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoom:zoom"; ifdescription...
CVE-2022-46299
CVE-2022-46299 — Affected Intel Unison clients suffer from insufficient control flow management, enabling an authenticated user to potentially disclose information via local access. Impact limited to local access scenarios with a high confidentiality impact, per the CVE details. Affected products...
CVE-2023-5102
CVE-2023-5102 affects SICK APU’s RDT400 component. The root cause is insufficient control flow management, which could let an unprivileged remote attacker enable hidden functionality via HTTP requests. Impact is described as potential hidden functionality exposure. No public exploit details or re...
CVE-2023-20558
CVE-2023-20558 involves AMD Secure Processor/SMU SMM code. The root cause is insufficient control flow management in AmdCpmOemSmm, which could allow a privileged attacker to tamper with the SMM handler and escalate privileges. Affected software/hardware: AMD Ryzen 2000 series desktop processors (...
CVE-2023-20559
The CVE-2023-20559 entry concerns AMD Ryzen 2000-series CPUs with a vulnerability in the System Management Mode (SMM) component. Specifically, insufficient control flow management in AmdCpmGpioInitSmm could allow a privileged attacker to tamper with the SMM handler, potentially leading to privile...
K56213806: Intel SSD INTEL-SA-00563 vulnerabilities
Security Advisory Description CVE-2021-33069 Improper resource shutdown or release in firmware for some IntelR SSD, IntelR SSD DC, IntelR OptaneTM SSD and IntelR OptaneTM SSD DC may allow a privileged user to potentially enable denial of service via local access. CVE-2021-33074 Protection mechani...
K43877335: Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303
Security Advisory Description CVE-2020-8751 Insufficient control flow management in subsystem for IntelR CSME versions before 11.8.80, IntelR TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access. CVE-2020-8755 Race condition...
CVE-2022-36278
Insufficient control flow management in the IntelR Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-33902
CVE-2022-33902 concerns Intel Quartus Prime Pro and Standard edition software, where insufficient control flow management could allow an authenticated user to escalate privileges via local access. The Intel advisory INTEL-SA-00714 documents this CVE alongside related issues and provides mitigatio...
CVE-2022-21793
CVE-2022-21793 is a vulnerability in Intel® Ethernet VMware drivers. The issue is caused by insufficient control flow management in the Intel® Ethernet 500 Series Controller drivers for VMware before version 1.11.4.0 and in the Intel® Ethernet 700 Series Controller drivers for VMware before versi...
Ubuntu 16.04 ESM : Intel Microcode vulnerabilities (USN-5535-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5535-1 advisory. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive...
2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory
Summary: Potential security vulnerabilities in Intel® Converged Security and Manageability Engine CSME, Server Platform Services SPS, Intel® Trusted Execution Engine TXE, Intel® Dynamic Application Loader DAL, Intel® Active Management Technology AMT, Intel® Standard Manageability ISM and Intel®...
Security Bulletin: Multiple Vulnerabilities in Intel Processors affect Cloud Pak System
Summary Multiple Vulnerabilities in Intel Processors affect Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2020-8700 DESCRIPTION: Intel Processors could allow a local authenticated attacker to gain elevated privileges on the system, caused...
CVE-2021-33061
Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access...
CVE-2021-33061
CVE-2021-33061 is described in connected advisories as an issue of insufficient control flow management in the Intel 82599 Ethernet Controllers and Adapters. The vulnerability could allow an authenticated local attacker to potentially cause a denial of service. The primary details provided indica...
CVE-2021-0103
Insufficient control flow management in the firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access...