112 matches found
GSD-2021-1002834 platform/x86: intel_pmc_core: fix memleak on registration failure
platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...
GSD-2021-1002808 platform/x86: intel_pmc_core: fix memleak on registration failure
platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...
PT-2021-8124 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the Linux kernel's platform/x86 component, specifically in the intel pmc core, when device registration fails during module initialization. The...
CVE-2021-38322
The Twitter Friends Widget WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the pmcTFuser and pmcTFpassword parameter found in the /twitter-friends-widget.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.1...
WordPress 插件跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin Twitter Friends Widget, which originate...
Intel® PMC Advisory - Lenovo Support US
No description provided...
Intel® PMC Advisory
Summary: A potential security vulnerability in the Power Management Controller PMC for some Intel® Processors may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0599 Description: Improper access...
pmc-assurances.fr Cross Site Scripting vulnerability OBB-1206764
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2018-3643
A vulnerability in Power Management Controller firmware in systems using specific IntelR Converged Security and Management Engine CSME before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or IntelR Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative...
HPSBHF03592 rev. 3 - Intel Converged Security and Management Engine (CSME) and Power Management Controller (PMC) Security Updates
Potential Security Impact Elevation of privilege, information disclosure, denial of service Source: Intel Reported By: Intel VULNERABILITY SUMMARY Potential security vulnerabilities with Intel CSME firmware and PMC firmware have been identified that could potentially place impacted platforms at...
couchdb -- multiple vulnerabilities
Apache CouchDB PMC reports: Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases...
Cisco ASA 9.2(3) EXTRABACON Module / Authentication Bypass
Cisco ASA 9.23 Authentication Bypass EXTRABACON Module Copyright: c 2016 RiskSense, Inc. https://risksense.com License: http://opensource.org/licenses/MIT Release Date: September 15, 2016 Authors: Sean Dillon 2E3C8D72353C9B8C9FF797E753EC4C9876D5727B Zachary Harding...