2964 matches found
CVE-2025-35998
Missing protection mechanism for alternate hardware interface in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of...
CVE-2025-35998
The CVE-2025-35998 entry concerns Intel’s Quick Assist Technology. A missing protection mechanism for an alternate hardware interface in Intel Quick Assist on certain Intel platforms can allow a local, privilege escalation from Ring 0. The attack would require a privileged user, low complexity, n...
CVE-2025-30508
Improper authorization in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...
CVE-2025-30508
Improper authorization in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...
CVE-2025-30508
CVE-2025-30508 : Affected product: Intel Quick Assist Technology on some Intel platforms operating in Ring 0. Cause: improper authorization in the kernel may permit a local, authenticated user with low complexity attack to cause a denial of service. Impact: availability impact is high; confidenti...
PT-2026-7313
Name of the Vulnerable Software and Affected Versions Intel Quick Assist Technology affected versions not specified Description A missing protection mechanism for an alternate hardware interface within Ring 0 may allow an escalation of privilege. A system software adversary with privileged user...
Intel Quick Assist Technology 授权问题漏洞
Intel Quick Assist Technology is a hardware acceleration technology developed by Intel, a company in the United States. There are issues with authorization in Intel Quick Assist Technology; this vulnerability stems from improper authorization procedures and can lead to denial-of-service attacks...
Intel Quick Assist Technology 安全漏洞
Intel Quick Assist Technology is a hardware acceleration technology developed by Intel, a company in the United States. There is a security vulnerability in Intel Quick Assist Technology, which stems from the lack of protection mechanisms for backup hardware interfaces, potentially leading to...
PT-2026-7297
Name of the Vulnerable Software and Affected Versions IntelR Quick Assist Technology for some IntelR Platforms affected versions not specified Description An improper authorization issue exists within the kernel of IntelR Quick Assist Technology for some IntelR Platforms within Ring 0. This may...
CVE-2026-23797
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7...
CVE-2026-23796
Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...
CVE-2026-23797
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7...
CVE-2026-23796
Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...
CVE-2026-23796
Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...
CVE-2026-23796
CVE-2026-23796 concerns a session-fixation vulnerability in Quick.Cart. According to the provided documents, a user’s session identifier can be set before authentication and remains unchanged after login, enabling an attacker to fix a session ID for a victim and potentially hijack the authenticat...
CVE-2026-23796 Session Fixation in Quick.Cart
Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...
EUVD-2026-5551
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7...
CVE-2026-23797 Plaintext password display in Quick.Cart
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7...
CVE-2026-23797
CVE-2026-23797 — Quick.Cart password exposure : The vulnerability in Quick.Cart stores passwords in plaintext, allowing a highly privileged attacker to display user passwords on the user editing page. Red Hat entries corroborate the claim that only version 6.7 has been tested and confirmed vulner...
GO-2026-4407 melange QEMU runner could write files outside workspace directory in chainguard.dev/melange
melange QEMU runner could write files outside workspace directory in chainguard.dev/melange...