Page 11 of 55 results (0.006 seconds)

CVSS: 4.4EPSS: 0%CPEs: 618EXPL: 0

Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access. Una inicialización inapropiada en un subsistema en Intel® CSME versiones anteriores a 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 y 15.0.22 puede habilitar a un usuario privilegiado para permitir potencialmente una divulgación de información por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-665: Improper Initialization •

CVSS: 8.8EPSS: 0%CPEs: 215EXPL: 0

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. Una limpieza incompleta en algunos productos Intel® VT-d puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html https://www.debian.org/security/2021/dsa-4934 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html https://access.redhat.com/security/cve/CVE-2020-24489 https://bugzilla.redhat.com/show_bug.cgi?id=1962650 • CWE-459: Incomplete Cleanup •

CVSS: 6.7EPSS: 0%CPEs: 483EXPL: 0

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Unas restricciones de búfer inapropiadas en el firmware del BIOS para algunos Intel® Processors, pueden habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local • https://security.netapp.com/advisory/ntap-20201113-0001 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358 •

CVSS: 5.5EPSS: 0%CPEs: 502EXPL: 0

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una eliminación inapropiada de información confidencial antes del almacenamiento o transferencia en algunos Intel® Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un acceso local A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state. • https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43 https://security.netapp.com/advisory/ntap-20201113-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381 https://access.redhat.com/security/cve/CVE-2020-8696 https://bugzilla.redhat.com/show_bug.cgi?id=1890355 https://access.redhat.com/articles/5569051 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •

CVSS: 7.8EPSS: 0%CPEs: 291EXPL: 0

In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148159562References: Upstream kernel En la función psi_write del archivo psi.c, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • https://source.android.com/security/bulletin/2020-05-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00533.html • CWE-787: Out-of-bounds Write •