‼ CVE-2021-40015 ‼
📖 Read
via "National Vulnerability Database".
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0174 ‼
📖 Read
via "National Vulnerability Database".
Improper Use of Validation Framework in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0117 ‼
📖 Read
via "National Vulnerability Database".
Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33107 ‼
📖 Read
via "National Vulnerability Database".
Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22533 ‼
📖 Read
via "National Vulnerability Database".
Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This could result in system shutdown rendering the system unavailable.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0091 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20040 ‼
📖 Read
via "National Vulnerability Database".
In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39943 ‼
📖 Read
via "National Vulnerability Database".
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0116 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0107 ‼
📖 Read
via "National Vulnerability Database".
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20035 ‼
📖 Read
via "National Vulnerability Database".
In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0166 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22817 ‼
📖 Read
via "National Vulnerability Database".
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21156 ‼
📖 Read
via "National Vulnerability Database".
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20045 ‼
📖 Read
via "National Vulnerability Database".
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126820; Issue ID: ALPS06126820.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-0175 ‼
📖 Read
via "National Vulnerability Database".
Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40696 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22542 ‼
📖 Read
via "National Vulnerability Database".
S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitly authorized to have access to that information, which could compromise Confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20044 ‼
📖 Read
via "National Vulnerability Database".
In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126814; Issue ID: ALPS06126814.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33129 ‼
📖 Read
via "National Vulnerability Database".
Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20031 ‼
📖 Read
via "National Vulnerability Database".
In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05850708; Issue ID: ALPS05850708.📖 Read
via "National Vulnerability Database".