Lucene search
K
NetappCloud Backup

345 matches found

CVE
CVE
added 2022/02/09 10:4 p.m.122 views

CVE-2021-0119

CVE-2021-0119 stems from improper initialization in Intel processor firmware that can allow a local attacker with physical access to escalate privileges. Connected advisories confirm affected platforms (e.g., IBM QRadar appliances M5/M6, certain Oracle/Red Hat/HP/F5-guided deployments) and descri...

6.2CVSS6.4AI score0.00299EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.122 views

CVE-2021-0156

CVE-2021-0156 involves Intel processor firmware and is caused by improper input validation, enabling a local authenticated user to potentially escalate privileges. Public sources in the provided documents indicate vulnerable firmware on specific platforms (e.g., VELOS CX410 and VELOS BX110 blades...

7.8CVSS7.6AI score0.00301EPSS
CVE
CVE
added 2021/01/04 2:23 p.m.119 views

CVE-2020-35494

CVE-2020-35494 targets GNU Binutils: a flaw in /opcodes/tic4x-dis.c can cause a denial of service via processing crafted input, due to use of uninitialized memory. Affected are binutils versions prior to 2.34. Impact is availability (partial confidentiality/none integrity per description). The co...

6.1CVSS6AI score0.01074EPSS
CVE
CVE
added 2020/12/09 9:6 p.m.118 views

CVE-2020-16593

CVE-2020-16593 is a Null Pointer Dereference in the Binary File Descriptor (BFD) library (libbfd) as distributed in GNU Binutils 2.35, in scan_unit_for_symbols (addr2line demonstrated), leading to denial of service via a crafted file. Connected sources confirm the issue exists in Binutils compone...

5.5CVSS5.5AI score0.01181EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.118 views

CVE-2021-0124

CVE-2021-0124 describes improper access control in Intel processor firmware that could let a privileged user escalate privileges with physical/local access. The vulnerability is documented across multiple sources (NVD entry; IBM QRadar advisories; F5 advisory) and is associated with privilege esc...

6.6CVSS6.6AI score0.00319EPSS
CVE
CVE
added 2021/06/09 6:49 p.m.117 views

CVE-2020-12357

CVE-2020-12357 describes an improper initialization in the firmware for some Intel processors that could allow a privileged user to escalate privileges via local access. The vulnerability is documented in Intel’s IPU BIOS advisory (INTEL-SA-00463) and is linked to the same family of processor fir...

6.7CVSS7AI score0.00346EPSS
CVE
CVE
added 2019/11/14 7:4 p.m.115 views

CVE-2019-14574

Intel Graphics Driver for Windows/Linux before 26.20.100.7209 contains an out-of-bounds read in a subsystem that may allow an authenticated local user to cause a denial of service. Affected products include Intel Graphics Driver versions prior to 26.20.100.7209. Mitigation: update to 26.20.100.72...

5.5CVSS5.5AI score0.00297EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.115 views

CVE-2020-12356

CVE-2020-12356 is an Intel AMT/CSME vulnerability (Out-of-bounds read) that affects AMT/ISM/CSME subsystems prior to specific builds: versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The issue can allow a privileged user to disclose information via local access; CVSS3.1 vector in...

4.4CVSS5.1AI score0.0038EPSS
CVE
CVE
added 2021/01/04 2:23 p.m.115 views

CVE-2020-35495

CVE-2020-35495 is a null pointer dereference in binutils/bfd/pef.c (bfd_pef_parse_symbols) triggered by specially crafted input processed by objdump. It affects Binutils prior to 2.34 and can impact availability via crash. Remediation is upgrading to a newer Binutils version; IBM/Netezza advisori...

5.5CVSS5.5AI score0.01156EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.114 views

CVE-2021-0117

CVE-2021-0117 describes pointer issues in Intel processor firmware that may allow a local attacker to escalate privileges. The vulnerability is rooted in firmware handling, with impacts described as local privilege escalation and, per some sources, possible denial of service or information disclo...

7.8CVSS7.5AI score0.00301EPSS
CVE
CVE
added 2019/01/16 8:0 p.m.112 views

CVE-2018-5737

CVE-2018-5737 concerns ISC BIND 9.12.x. The issue arises from the implementation of the new serve-stale feature, which can trigger an assertion failure in rbtdb.c even when stale-answer-enable is off. Additionally, interaction between serve-stale and NSEC aggressive negative caching can, in some ...

7.5CVSS6.3AI score0.10355EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.112 views

CVE-2020-8754

Intel AMT/ISM subsystem contains an out-of-bounds read vulnerability (CVE-2020-8754) that could allow unauthenticated information disclosure over the network. Affected versions include Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. Intel’s advisory and vendor advisories in...

7.5CVSS7.1AI score0.01458EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.109 views

CVE-2020-8746

CVE-2020-8746 concerns Intel AMT/CSME subsystem integer overflow that could allow a remote unauthenticated actor to cause denial of service via adjacent access. Connected sources confirm the issue affects Intel AMT/CSME/ISM stack versions before specific fixes (11.8.82/11.12.82/11.22.82/12.0.70/1...

6.5CVSS7.8AI score0.00869EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.109 views

CVE-2021-0115

CVE-2021-0115 describes a buffer overflow in Intel processor firmware that may allow a local, authenticated attacker to escalate privileges. Public documents confirm the issue exists in firmware and is addressable by vendor-provided updates. IBM/F5 advisories list affected products and remediatio...

6.7CVSS6.9AI score0.00331EPSS
CVE
CVE
added 2020/11/12 6:7 p.m.108 views

CVE-2020-8757

CVE-2020-8757 involves an out-of-bounds read in the Intel AMT subsystem that can allow a privileged local user to escalate privileges. Affected: Intel AMT/CSME family before versions 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 (and related AMT/ISM components per Intel advisories). Root cause...

6.7CVSS6.8AI score0.00412EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.108 views

CVE-2020-8760

CVE-2020-8760 is an Intel AMT/CSME-related issue described as an integer overflow in the subsystem affecting AMT/CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45. The vulnerability may allow a privileged user to escalate privileges via local access. Public sources in connected d...

7.8CVSS7.8AI score0.00414EPSS
CVE
CVE
added 2019/11/14 7:4 p.m.105 views

CVE-2019-11111

Summary: CVE-2019-11111 is a pointer corruption vulnerability in the Unified Shader Compiler of Intel Graphics Drivers prior to 10.18.14.5074 (≈15.36.x.5074) that may allow an authenticated local attacker to escalate privileges. Affected component: Intel Graphics Drivers (Unified Shader Compiler,...

7.8CVSS7.8AI score0.00347EPSS
CVE
CVE
added 2019/11/14 6:41 p.m.105 views

CVE-2019-11112

Summary: CVE-2019-11112 is a memory corruption vulnerability in the Intel Graphics Driver for Windows/Linux ( Kernel Mode Driver) prior to 26.20.100.6813 (DCH) or 26.20.100.6812. Affected: Intel Graphics Driver for Windows and i915 Linux driver; impact: potential escalation of privilege to an aut...

7.8CVSS7.8AI score0.00365EPSS
CVE
CVE
added 2019/11/14 7:6 p.m.105 views

CVE-2019-11113

CVE-2019-11113 is a buffer overflow in the Kernel Mode module of the Intel Graphics Driver. Affected: Intel Graphics Driver kernel mode component prior to 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077). Impact: may allow a privileged user to potentially enable information disclosure via loc...

4.4CVSS5.4AI score0.00354EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.105 views

CVE-2021-0111

CVE-2021-0111 is a NULL pointer dereference in the firmware for some Intel processors that could allow a local attacker to escalate privileges. The vulnerability is described in multiple sources (NVD entry for CVE-2021-0111 and vendor advisories) as a local-firmware issue with potential privilege...

6.7CVSS6.6AI score0.00299EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.105 views

CVE-2021-0118

CVE-2021-0118 involves an out-of-bounds read in Intel processor firmware that could enable local privilege escalation. Public documents confirm affected surface as Intel processor firmware with local access as the attack vector. IBM and F5 advisories reference this CVE among a family of firmware ...

6.7CVSS6.6AI score0.00299EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.104 views

CVE-2021-0099

CVE-2021-0099 describes insufficient control-flow management in the firmware of some Intel processors, potentially allowing an authenticated local attacker to escalate privileges. The CVE is discussed across multiple sources in the Connected documents, which identify affected platforms and remedi...

7.8CVSS7.6AI score0.00301EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.104 views

CVE-2021-0125

CVE-2021-0125 is a confirmed Intel processor firmware vulnerability caused by improper initialization that can enable privilege escalation with physical/local access. Connected sources name affected platforms and vendor advisories; e.g., IBM QRadar M6/M5 firmware lines and IBM Cloud Pak System up...

6.6CVSS6.5AI score0.00301EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.103 views

CVE-2021-0092

The CVE-2021-0092 entry describes an Improper access control in Intel processor firmware that could allow a local privileged user to cause a denial of service. Public documents tie this to firmware on Intel CPUs and list affected environments (e.g., IBM QRadar SIEM appliances with M5/M6 firmware,...

4.4CVSS4.6AI score0.00248EPSS
CVE
CVE
added 2021/02/23 4:36 p.m.103 views

CVE-2021-20226

CVE-2021-20226 describes a use-after-free in the Linux kernel io_uring subsystem. The root cause is a failure to validate an object’s existence before operations by not incrementing the file reference counter while in use. This can allow a local attacker with user privileges to trigger a denial o...

7.8CVSS7.2AI score0.0044EPSS
CVE
CVE
added 2019/11/14 7:5 p.m.102 views

CVE-2019-14591

CVE-2019-14591 affects Intel Graphics Driver (Windows/Linux) prior to 26.20.100.7209. The root cause is improper input validation in the API, and an authenticated user could potentially trigger a denial of service via local access. References from NVD indicate a CVSSv3.1 base score of 5.5 (Medium...

5.5CVSS5.9AI score0.0028EPSS
CVE
CVE
added 2019/11/14 7:5 p.m.99 views

CVE-2019-11089

Intel Graphics Driver Kernel Mode module vulnerable to insufficient input validation before version 25.20.100.6519, potentially enabling local denial of service by an authenticated user. Affected products include Intel Graphics Driver on Windows and Linux (Kernel Mode Driver). Remediation: update...

5.5CVSS5.8AI score0.00314EPSS
CVE
CVE
added 2020/12/11 7:3 p.m.96 views

CVE-2020-27730

CVE-2020-27730 affects the NGINX Controller Agent : versions 1.0.1, 2.0.0–2.9.0, and 3.0.0–3.9.0 do not use absolute paths when invoking system utilities, enabling a local attacker to escalate privileges to root and execute arbitrary code. Public disclosures from Red Hat and F5 corroborate the vu...

9.8CVSS9.4AI score0.01693EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.95 views

CVE-2021-0091

CVE-2021-0091 is an Intel processor firmware vulnerability described as improper access control that could allow a local attacker to escalate privileges. Public documents in the set identify affected platforms (e.g., some Intel firmware on targeted hardware such as IBM QRadar-related components a...

7.8CVSS7.8AI score0.00334EPSS
CVE
CVE
added 2020/07/20 6:54 p.m.94 views

CVE-2020-15852

CVE-2020-15852 affects Linux kernel 5.5–5.7.9 (and Xen via 4.13.x for x86 PV guests). The issue stems from mishandling of tss_invalidate_io_bitmap, causing desynchronization between TSS I/O bitmaps and Xen, which may let an attacker gain I/O port permissions of an unrelated task. Public advisorie...

7.8CVSS7.3AI score0.00325EPSS
CVE
CVE
added 2021/06/09 6:53 p.m.93 views

CVE-2020-24486

CVE-2020-24486 is an Intel firmware vulnerability caused by improper input validation in the firmware of some Intel processors. An authenticated local attacker could potentially cause a denial of service. The issue is described in Intel’s advisory as part of a family of firmware vulnerabilities; ...

5.5CVSS6AI score0.00303EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.92 views

CVE-2021-0093

CVE-2021-0093: Incorrect default permissions in the firmware for some Intel processors may allow a local privileged user to cause a denial of service. The CVE is linked with multiple vendor advisories (IBM QRadar, F5 advisories, HP/Intel BIOS updates, and IBM/NCSC notes) that reference vulnerable...

4.4CVSS4.6AI score0.00235EPSS
CVE
CVE
added 2020/09/10 1:39 p.m.90 views

CVE-2020-25221

CVE-2020-25221 affects Linux kernel 5.7.x and 5.8.x before 5.8.7. The vulnerability arises in get_gate_page() implemented in mm/gup.c, due to incorrect reference counting of the backing struct page for the vsyscall page, causing a refcount underflow. It can be triggered by any 64-bit process that...

7.8CVSS7.5AI score0.00668EPSS
CVE
CVE
added 2021/06/09 6:50 p.m.90 views

CVE-2020-8670

CVE-2020-8670 is a race-condition flaw in Intel processor firmware that could allow a local privileged attack. No public exploits are known in the provided documents. Affected data indicates local access is required, with INTEL-SA advisories (INTEL-SA-00463) and related mitigations referenced by ...

6.4CVSS6.8AI score0.00268EPSS
CVE
CVE
added 2020/11/12 6:4 p.m.90 views

CVE-2020-8738

CVE-2020-8738 is tied to Intel BIOS platform sample code with an improper conditions check that may allow a locally authenticated user to escalate privileges on certain Intel processors. The CVE is detailed in Intel advisory Intel-SA-00390, which also covers related CVEs (8739, 8740, 8764) and ma...

6.7CVSS6.8AI score0.00332EPSS
CVE
CVE
added 2020/11/12 5:54 p.m.89 views

CVE-2020-0590

CVE-2020-0590 describes improper input validation in BIOS firmware for some Intel processors, potentially allowing privilege escalation via local access for an authenticated user. Public documents identify the vulnerability and note mitigations via BIOS updates. Affected platforms span multiple I...

7.8CVSS8.2AI score0.00419EPSS
CVE
CVE
added 2021/06/09 6:50 p.m.88 views

CVE-2020-8700

Affected software/hardware: Intel processors firmware. Root cause: Improper input validation in the firmware. Impact: Privilege escalation via local access by a privileged user; confidentiality, integrity, and availability may be affected (CVSS v3.1 base 6.7). Exploitation info: Not detailed in t...

6.7CVSS7AI score0.00298EPSS
CVE
CVE
added 2019/11/14 7:5 p.m.86 views

CVE-2019-14590

CVE-2019-14590 affects Intel Graphics Driver (Windows/Linux) prior to 26.20.100.7209. The issue is improper access control in the API, which could allow an authenticated local attacker to disclose information. Affected components include Intel Graphics Driver APIs; root cause is access-control we...

5.5CVSS5.1AI score0.00281EPSS
CVE
CVE
added 2021/06/09 6:53 p.m.85 views

CVE-2020-12360

CVE-2020-12360 describes an out-of-bounds read in the firmware of some Intel processors that could allow a local, authenticated attacker to escalate privileges. Affected items include various Intel-enabled systems where firmware/UEFI code handles memory bounds improperly. Mitigations are vendor-s...

7.8CVSS7.7AI score0.00347EPSS
CVE
CVE
added 2023/05/03 2:34 p.m.84 views

CVE-2023-28656

CVE-2023-28656 – NGINX Management Suite : An authenticated attacker may bypass authorization to access configuration objects outside their assigned environment, a control-plane issue with no data-plane exposure reported. The vulnerability affects NGINX Management Suite components (NGINX Instance ...

8.1CVSS8.1AI score0.00528EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.79 views

CVE-2021-0107

CVE-2021-0107: Unchecked return value in the firmware for Intel processors can allow a local attacker to escalate privileges. Documented impact indicates local access is required and the consequence is elevated privileges, not remote code execution. Affected items include Intel processor firmware...

6.7CVSS6.6AI score0.00299EPSS
CVE
CVE
added 2021/06/09 6:50 p.m.77 views

CVE-2020-12359

CVE-2020-12359 concerns Intel processor firmware with insufficient control flow management. The vulnerability could allow an unauthenticated user to escalate privileges via physical access. Connected sources tie this to Intel processor firmware issues and list remediation paths in affected IBM Cl...

6.8CVSS7.2AI score0.00318EPSS
CVE
CVE
added 2021/06/09 6:48 p.m.66 views

CVE-2020-8703

The CVE-2020-8703 issue is an Intel CSME subsystem vulnerability caused by improper buffer restrictions. Affected firmwares include Intel CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22, potentially allowing a privileged user to escalate ...

6.7CVSS6.6AI score0.00346EPSS
CVE
CVE
added 2020/04/23 7:58 p.m.64 views

CVE-2020-5867

The CVE-2020-5867 issue affects the NGINX Controller Agent installer script (install.sh) used by the NGINX Controller. In versions prior to 3.3.0, it uses HTTP instead of HTTPS to check and install packages, creating a MITM risk where malicious packages could be forged and installed on affected N...

8.1CVSS8AI score0.004EPSS
CVE
CVE
added 2020/04/23 6:16 p.m.55 views

CVE-2020-5865

The CVE-2020-5865 issue affects NGINX Controller versions prior to 3.3.0, where the Controller communicates with its Postgres database over unencrypted channels. This enables man-in-the-middle interception of data in transit and, as described in the advisory, could allow an attacker to modify use...

5.8CVSS5AI score0.0039EPSS
Total number of security vulnerabilities345