‼ CVE-2022-21203 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20029 ‼
📖 Read
via "National Vulnerability Database".
In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33101 ‼
📖 Read
via "National Vulnerability Database".
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0093 ‼
📖 Read
via "National Vulnerability Database".
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0147 ‼
📖 Read
via "National Vulnerability Database".
Improper locking in the Power Management Controller (PMC) for some Intel Chipset firmware before versions pmc_fw_lbg_c1-21ww02a and pmc_fw_lbg_b0-21ww02a may allow a privileged user to potentially enable denial of service via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33119 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0170 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24314 ‼
📖 Read
via "National Vulnerability Database".
A CWE-125: Out-of-bounds Read vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40045 ‼
📖 Read
via "National Vulnerability Database".
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24316 ‼
📖 Read
via "National Vulnerability Database".
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20030 ‼
📖 Read
via "National Vulnerability Database".
In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0171 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22543 ‼
📖 Read
via "National Vulnerability Database".
SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, does not sufficiently validate sap-passport information, which could lead to a Denial-of-Service attack. This allows an unauthorized remote user to provoke a breakdown of the SAP Web Dispatcher or Kernel work process. The crashed process can be restarted immediately, other processes are not affected.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21825 ‼
📖 Read
via "National Vulnerability Database".
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40015 ‼
📖 Read
via "National Vulnerability Database".
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0174 ‼
📖 Read
via "National Vulnerability Database".
Improper Use of Validation Framework in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0117 ‼
📖 Read
via "National Vulnerability Database".
Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33107 ‼
📖 Read
via "National Vulnerability Database".
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22533 ‼
📖 Read
via "National Vulnerability Database".
Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0091 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20040 ‼
📖 Read
via "National Vulnerability Database".
In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.📖 Read
via "National Vulnerability Database".