CVSS: 7.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-32658
https://notcve.org/view.php?id=CVE-2023-32658
14 Nov 2023 — Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. La ruta de búsqueda sin comillas en Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN software de herramienta de actualización de firmware HDMI anteriores a la versión 1.79.1.1 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del a... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-27229
https://notcve.org/view.php?id=CVE-2022-27229
14 Nov 2023 — Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Path transversal en Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN Software de herramienta de actualización de firmware HDMI anteriores a la versión 1.79.1.1 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-249: DEPRECATED: Often Misused: Path Manipulation •
CVSS: 6.7EPSS: 0%CPEs: 126EXPL: 0CVE-2023-20568
https://notcve.org/view.php?id=CVE-2023-20568
14 Nov 2023 — Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution. La verificación inadecuada de la firma del controlador RadeonTM RX Vega M Graphics para Windows puede permitir que un atacante con privilegios de administrador inicie RadeonInstaller.exe sin validar la firma del archivo, lo que podría provocar la ejecución de código ar... • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.7EPSS: 0%CPEs: 126EXPL: 0CVE-2023-20567
https://notcve.org/view.php?id=CVE-2023-20567
14 Nov 2023 — Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution. La verificación inadecuada de la firma del controlador RadeonTM RX Vega M Graphics para Windows puede permitir que un atacante con privilegios de administrador inicie AMDSoftwareInstaller.exe sin validar la firma del archivo, lo que podría provocar la ejecución de... • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 126EXPL: 0CVE-2021-46748
https://notcve.org/view.php?id=CVE-2021-46748
14 Nov 2023 — Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service. Una verificación de límites insuficiente en el ASP (AMD Secure Processor) puede permitir que un atacante acceda a la memoria fuera de los límites de lo permitido para una TA (Trusted Application), lo que resulta en una posible denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 362EXPL: 0CVE-2023-34349
https://notcve.org/view.php?id=CVE-2023-34349
11 Aug 2023 — Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-421: Race Condition During Access to Alternate Channel •
CVSS: 6.0EPSS: 0%CPEs: 134EXPL: 0CVE-2023-32285
https://notcve.org/view.php?id=CVE-2023-32285
11 Aug 2023 — Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 188EXPL: 0CVE-2023-22330
https://notcve.org/view.php?id=CVE-2023-22330
11 Aug 2023 — Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. El uso de recursos no inicializados en algunos firmware de BIOS de Intel(R) NUC puede permitir que un usuario con privilegios permita potencialmente la divulgación de información mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html • CWE-908: Use of Uninitialized Resource •
CVSS: 6.0EPSS: 0%CPEs: 436EXPL: 0CVE-2023-22356
https://notcve.org/view.php?id=CVE-2023-22356
11 Aug 2023 — Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. La inicialización incorrecta en Intel(R) NUC BIOS firmware pueden permitir que un usuario privilegiado habilite potencialmente la divulgación de información a través del acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html • CWE-665: Improper Initialization •
CVSS: 6.0EPSS: 0%CPEs: 222EXPL: 0CVE-2023-22444
https://notcve.org/view.php?id=CVE-2023-22444
11 Aug 2023 — Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html • CWE-665: Improper Initialization •