17 results (0.013 seconds)

CVSS: 4.4EPSS: 0%CPEs: 2024EXPL: 0

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. La gestión insuficiente del flujo de control en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-691: Insufficient Control Flow Management •

CVSS: 5.3EPSS: 0%CPEs: 142EXPL: 0

Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Las restricciones de búfer inadecuadas en el firmware del BIOS para algunos procesadores Intel(R) pueden permitir que un usuario con privilegios permita potencialmente la divulgación de información a través del acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 569EXPL: 0

Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en el instalador del software Intel(R) CSME anterior a la versión 2239.3.7.0 puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html https://security.netapp.com/advisory/ntap-20230824-0002 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •

CVSS: 6.0EPSS: 0%CPEs: 454EXPL: 0

Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html •

CVSS: 6.0EPSS: 0%CPEs: 668EXPL: 0

Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Un aislamiento inapropiado de los recursos compartidos en algunos procesadores Intel(R) puede permitir que un usuario privilegiado permita potencialmente la divulgación de información a través del acceso local. A flaw was found in hw. The APIC can operate in xAPIC mode (also known as a legacy mode), in which APIC configuration registers are exposed through a memory-mapped I/O (MMIO) page. This flaw allows an attacker who can execute code on a target CPU to query the APIC configuration page. • https://lists.debian.org/debian-lts-announce/2023/04/msg00000.html https://security.netapp.com/advisory/ntap-20220923-0002 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html https://access.redhat.com/security/cve/CVE-2022-21233 https://bugzilla.redhat.com/show_bug.cgi?id=2115640 https://access.redhat.com/solutions/6971358 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •