Lucene search
+L

477 matches found

Zero Day Initiative
Zero Day Initiative
added 2021/02/10 12:0 a.m.27 views

Schneider Electric EcoStruxure Power Build SSD File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS5.4AI score0.03873EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/02/10 12:0 a.m.41 views

Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS5.2AI score0.0347EPSS
Exploits0References1
Intel
Intel
added 2021/02/09 12:0 a.m.18 views

Intel® SSD Toolbox Advisory

Summary: A potential security vulnerability in the Intel® Solid State Drive SSD Toolbox may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has replaced it with the Intel® Memory and Storage MAS Tool. Vulnerability Details: CVEID:...

6.7CVSS6.6AI score0.00268EPSS
Exploits0
NVD
NVD
added 2021/01/26 6:16 p.m.28 views

CVE-2021-22697

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed...

7.8CVSS8AI score0.0347EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/01/25 5:10 p.m.33 views

CVE-2021-22698

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software V2.1.13 and prior that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and...

8.3AI score0.03873EPSS
Exploits0References3
CNVD
CNVD
added 2021/01/18 12:0 a.m.11 views

Schneider Electric EcoStruxure Power Build-Rapsody Buffer Overflow Vulnerability

Schneider Electric EcoStruxure Power Build-Rapsody is a software for simplifying the configuration of low-voltage distribution panels from Schneider Electric France. A buffer overflow vulnerability exists in EcoStruxure Power Build-Rapsody version V2.1.13 and prior versions when parsing SSD files...

7.8CVSS7.6AI score0.03873EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/12/07 12:0 a.m.34 views

Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation (cisco-sa-iox-usb-guestshell-WmevScDj)

According to its self-reported version, IOS-XE is affected by a privilege escalation vulnerability due to a vulnerability in the file system on the pluggable USB 3.0 Solid State Drive SSD. An attacker could exploit this vulnerability by removing the USB 3.0 SSD, modifying or deleting files on the...

7.2CVSS7.4AI score0.00324EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/11/18 12:0 a.m.7 views

The vulnerability of microprogrammed software in Intel SSD solid-state drives, related to resource release errors, allows a hacker to cause a service failure.

The vulnerability of Intel SSD microprogramming software is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.2CVSS6.4AI score0.00313EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/11/12 6:15 p.m.26 views

CVE-2020-12311

Insufficient control flow managementin firmware in some IntelR Client SSDs and some IntelR Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access...

4.6CVSS4.4AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2020/11/12 6:15 p.m.15 views

CVE-2020-0584

Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access...

6.2CVSS6.3AI score0.00313EPSS
Exploits0References1
Prion
Prion
added 2020/11/12 6:15 p.m.19 views

Buffer overflow

Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access...

2.1CVSS6.3AI score0.00313EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2020/11/12 6:15 p.m.22 views

Design/Logic Flaw

Insufficient control flow managementin firmware in some IntelR Client SSDs and some IntelR Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access...

2.1CVSS4.5AI score0.00352EPSS
Exploits0References1Affected Software15
CVE
CVE
added 2020/11/12 5:59 p.m.55 views

CVE-2020-0584

CVE-2020-0584 is a buffer overflow in firmware for Intel® SSD DC P4800X/P4801X and Intel® Optane™ SSD 900P/905P that may allow an unauthenticated, local user to cause a denial of service. The public sources confirm a firmware-level vulnerability in Intel SSD firmware, with Red Hat and Intel advis...

6.2CVSS6.2AI score0.00313EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/12 5:59 p.m.26 views

CVE-2020-0584

Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access...

6.6AI score0.00313EPSS
Exploits0References1
CVE
CVE
added 2020/11/12 5:58 p.m.72 views

CVE-2020-12311

CVE-2020-12311 concerns firmware on some Intel® client and data center SSDs where insufficient control flow management could allow an unauthenticated user with physical access to potentially disclose information. The issue is documented by Intel in advisory Intel-SA-00362 and is reflected across ...

4.6CVSS5AI score0.00352EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/11/12 5:58 p.m.64 views

CVE-2020-12310

The CVE-2020-12310 entry is supported by connected documents: Intel’s advisory (INTEL-SA-00362) details a vulnerability in firmware of multiple Intel SSD lines where insufficient control flow management could allow information disclosure via physical access, unauthenticated. The CVE is listed in ...

4.6CVSS5AI score0.00352EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/12 5:58 p.m.33 views

CVE-2020-12310

Insufficient control flow managementin firmware in some IntelR Client SSDs and some IntelR Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access...

4.4AI score0.00352EPSS
Exploits0References1
Intel
Intel
added 2020/11/10 12:0 a.m.33 views

Intel® SSD Advisory

Summary: Potential security vulnerabilities in multiple Intel® Solid State Drive SSD products may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVE ID: CVE-2020-12309 Description: Insufficiently protected...

6.2CVSS5.5AI score0.00352EPSS
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2020/11/06 12:0 a.m.53 views

HPSBHF03702 rev. 4 - Intel® Solid State Drive (SSD) November 2020 Security Updates

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of potential security vulnerabilities identified in multiple Intel® Solid State Drive SSD products which may allow information...

7.3CVSS1.2AI score0.00352EPSS
Exploits0
Lenovo
Lenovo
added 2020/11/04 3:32 p.m.27 views

Intel SSD Advisory - Lenovo Support US

No description provided...

6.2CVSS4.8AI score0.00352EPSS
Exploits0
Rows per page
Query Builder