Lucene search
+L

112 matches found

OSV
OSV
added 2021/12/30 2:45 a.m.11 views

GSD-2021-1002834 platform/x86: intel_pmc_core: fix memleak on registration failure

platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/12/30 2:44 a.m.15 views

GSD-2021-1002808 platform/x86: intel_pmc_core: fix memleak on registration failure

platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/12/23 12:0 a.m.11 views

PT-2021-8124 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the Linux kernel's platform/x86 component, specifically in the intel pmc core, when device registration fails during module initialization. The...

7.8CVSS6.5AI score0.08555EPSS
Exploits7References1090
OSV
OSV
added 2021/09/09 7:15 p.m.4 views

CVE-2021-38322

The Twitter Friends Widget WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the pmcTFuser and pmcTFpassword parameter found in the /twitter-friends-widget.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.1...

6.1CVSS5.8AI score0.00895EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin Twitter Friends Widget, which originate...

6.1CVSS6.1AI score0.00895EPSS
Exploits1References4
Lenovo
Lenovo
added 2020/11/14 2:24 a.m.47 views

Intel® PMC Advisory - Lenovo Support US

No description provided...

6.7CVSS6.5AI score0.0033EPSS
Exploits0
Intel
Intel
added 2020/11/10 12:0 a.m.34 views

Intel® PMC Advisory

Summary: A potential security vulnerability in the Power Management Controller PMC for some Intel® Processors may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0599 Description: Improper access...

6.7CVSS6.6AI score0.0033EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2020/06/25 2:56 p.m.5 views

pmc-assurances.fr Cross Site Scripting vulnerability OBB-1206764

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
OSV
OSV
added 2018/09/12 7:29 p.m.4 views

CVE-2018-3643

A vulnerability in Power Management Controller firmware in systems using specific IntelR Converged Security and Management Engine CSME before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or IntelR Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative...

8.2CVSS6AI score0.00501EPSS
Exploits0References3
Hewlett-Packard
Hewlett-Packard
added 2018/09/11 12:0 a.m.38 views

HPSBHF03592 rev. 3 - Intel Converged Security and Management Engine (CSME) and Power Management Controller (PMC) Security Updates

Potential Security Impact Elevation of privilege, information disclosure, denial of service Source: Intel Reported By: Intel VULNERABILITY SUMMARY Potential security vulnerabilities with Intel CSME firmware and PMC firmware have been identified that could potentially place impacted platforms at...

8.2CVSS1.7AI score0.03303EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/11/14 12:0 a.m.30 views

couchdb -- multiple vulnerabilities

Apache CouchDB PMC reports: Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases...

10CVSS1.7AI score0.99838EPSS
Exploits24References3
Packet Storm
Packet Storm
added 2016/09/16 12:0 a.m.22 views

Cisco ASA 9.2(3) EXTRABACON Module / Authentication Bypass

Cisco ASA 9.23 Authentication Bypass EXTRABACON Module Copyright: c 2016 RiskSense, Inc. https://risksense.com License: http://opensource.org/licenses/MIT Release Date: September 15, 2016 Authors: Sean Dillon 2E3C8D72353C9B8C9FF797E753EC4C9876D5727B Zachary Harding...

0.8AI score
Exploits0
Rows per page
Query Builder