Total
12849 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34345 | 1 Intel | 4 Lapbc510, Lapbc510 Firmware, Lapbc710 and 1 more | 2025-02-05 | 6.2 Medium |
| Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2022-34152 | 1 Intel | 4 Nuc Board De3815tybe, Nuc Board De3815tybe Firmware, Nuc Kit De3815tykhe and 1 more | 2025-02-05 | 7.7 High |
| Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-33176 | 1 Intel | 22 Nuc 11 Performance Kit Nuc11pahi3, Nuc 11 Performance Kit Nuc11pahi30z, Nuc 11 Performance Kit Nuc11pahi30z Firmware and 19 more | 2025-02-05 | 8.2 High |
| Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-29466 | 1 Intel | 1 Server Platform Services Firmware | 2025-02-05 | 7.3 High |
| Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2022-28611 | 1 Intel | 2 Xmm 7560, Xmm 7560 Firmware | 2025-02-05 | 6.8 Medium |
| Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2022-28126 | 1 Intel | 2 Xmm 7560, Xmm 7560 Firmware | 2025-02-05 | 6 Medium |
| Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-26251 | 1 Intel | 1 Openvino | 2025-02-05 | 5.3 Medium |
| Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access. | ||||
| CVE-2021-0185 | 1 Intel | 2 M10jnp2sb, M10jnp2sb Firmware | 2025-02-05 | 7.5 High |
| Improper input validation in the firmware for some Intel(R) Server Board M10JNP Family before version 7.216 may allow a privileged user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2023-29410 | 1 Schneider-electric | 6 Conext Gateway, Conext Gateway Firmware, Insightfacility and 3 more | 2025-02-05 | 7.2 High |
| A CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated attacker to gain the same privilege as the application on the server when a malicious payload is provided over HTTP for the server to execute. | ||||
| CVE-2023-27984 | 1 Schneider-electric | 3 Custom Reports, Igss Dashboard, Igss Data Server | 2025-02-05 | 7.8 High |
| A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). | ||||
| CVE-2023-21092 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of System App due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242040055 | ||||
| CVE-2017-1516 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 129826. | ||||
| CVE-2024-27093 | 1 Lfprojects | 1 Minder | 2025-02-05 | 4.6 Medium |
| Minder is a Software Supply Chain Security Platform. In version 0.0.31 and earlier, it is possible for an attacker to register a repository with a invalid or differing upstream ID, which causes Minder to report the repository as registered, but not remediate any future changes which conflict with policy (because the webhooks for the repo do not match any known repository in the database). When attempting to register a repo with a different repo ID, the registered provider must have admin on the named repo, or a 404 error will result. Similarly, if the stored provider token does not have repo access, then the remediations will not apply successfully. Lastly, it appears that reconciliation actions do not execute against repos with this type of mismatch. This appears to primarily be a potential denial-of-service vulnerability. This vulnerability is patched in version 0.20240226.1425+ref.53868a8. | ||||
| CVE-2022-30542 | 1 Intel | 6 R1000wf, R1000wf Firmware, R2000wf and 3 more | 2025-02-05 | 8.2 High |
| Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2022-38099 | 1 Intel | 16 Nuc11dbbi7, Nuc11dbbi7 Firmware, Nuc11dbbi9 and 13 more | 2025-02-05 | 7.5 High |
| Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-29606 | 1 Opennetworking | 1 Onos | 2025-02-05 | 9.8 Critical |
| An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network. | ||||
| CVE-2022-26006 | 1 Intel | 260 Core I5-7640x, Core I5-7640x Firmware, Core I7-3820 and 257 more | 2025-02-05 | 8.2 High |
| Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-38413 | 1 Qualcomm | 14 Fastconnect 7800, Fastconnect 7800 Firmware, Snapdragon 8 Gen 3 Mobile and 11 more | 2025-02-05 | 6.6 Medium |
| Memory corruption while processing frame packets. | ||||
| CVE-2024-38420 | 1 Qualcomm | 320 Aqt1000, Aqt1000 Firmware, Ar8035 and 317 more | 2025-02-05 | 8.8 High |
| Memory corruption while configuring a Hypervisor based input virtual device. | ||||
| CVE-2023-29469 | 3 Debian, Redhat, Xmlsoft | 5 Debian Linux, Enterprise Linux, Jboss Core Services and 2 more | 2025-02-04 | 6.5 Medium |
| An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). | ||||