Page 3 of 18 results (0.005 seconds)

CVSS: 4.4EPSS: 0%CPEs: 333EXPL: 0

Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access. Una lectura fuera de límites de un subsistema en Intel® CSME versiones anteriores a 12.0.81, 13.0.47, 13.30.17, 14.1.53 y 14.5.32 puede permitir a un usuario privilegiado habilitar potencialmente una divulgación de información por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-125: Out-of-bounds Read •

CVSS: 6.7EPSS: 0%CPEs: 576EXPL: 0

Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access. Unas restricciones de búfer inapropiadas en un subsistema en Intel® CSME versiones anteriores a 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 y 15.0.22 pueden permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.4EPSS: 0%CPEs: 618EXPL: 0

Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access. Una inicialización inapropiada en un subsistema en Intel® CSME versiones anteriores a 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 y 15.0.22 puede habilitar a un usuario privilegiado para permitir potencialmente una divulgación de información por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-665: Improper Initialization •

CVSS: 5.5EPSS: 0%CPEs: 736EXPL: 0

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Una discrepancia observable en la interfaz RAPL para algunos Intel® Processors, puede habilitar a un usuario privilegiado para permitir potencialmente una divulgación de información por medio de un acceso local A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem. • https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQ24MFBVH3HJW3PNRQBRY4YXKC7GA57W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEM2FZWVE4FNGYNQU3WCBAWT • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 5.5EPSS: 0%CPEs: 732EXPL: 0

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Un control de acceso insuficiente en el controlador del kernel de Linux para algunos Intel® Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389 •