CVSS: 5.9EPSS: 1%CPEs: 60EXPL: 0CVE-2016-8106
https://notcve.org/view.php?id=CVE-2016-8106
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. Una denegación de servicio en Intel Ethernet Controller's X710/XL710 con Non-Volatile Memory Images en versiones anteriores a 5.05 permite a atacantes remotos detener el controlador de procesar el tráfico de red que funciona bajo determinadas condiciones de uso de la red. • http://www-01.ibm.com/support/docview.wss?uid=swg22002507 http://www.securityfocus.com/bid/95333 http://www.securitytracker.com/id/1037562 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr https://security.netapp.com/advisory/ntap-20190731-0001 https://support.lenovo.com/us/en/product_security/LEN-12029 • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 148EXPL: 0CVE-2016-8222
https://notcve.org/view.php?id=CVE-2016-8222
A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability. Una vulnerabilidad ha sido identificada en un controlador de kernel firmado para la BIOS de algunos sistemas ThinkPad que pueden permitir a un atacante con privilegios nivel administrador de Windows llamar a servicios System Management Mode (SMM). Esto puede conducir a un ataque de denegación de servicio o permitir que ciertas variables o ajustes BIOS sean alterados (como una secuencia boot). • http://www.securityfocus.com/bid/94409 https://support.lenovo.com/us/en/solutions/LEN_8327 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8223
https://notcve.org/view.php?id=CVE-2016-8223
During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges. Durante una revisión de seguridad interna, Lenovo identificó una vulnerabilidad de escalamiento de privilegios local en el software Lenovo System Interface Foundation instalado en algunos PCs con Windows 10 donde un usuario con privilegios locales podía ejecutar código arbitrario con privilegios de nivel administrador. • http://www.securityfocus.com/bid/94597 https://support.lenovo.com/us/en/solutions/LEN_10150 • CWE-284: Improper Access Control •
CVSS: 4.6EPSS: 0%CPEs: 57EXPL: 0CVE-2016-8224
https://notcve.org/view.php?id=CVE-2016-8224
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system. Una vulnerabilidad ha sido identificada en algunos sistemas Lenovo Notebook y ThinkServer donde un atacante con privilegios administrativos en un sistema podría instalar un programa que evita protecciones Intel Management Engine (ME). Esto podría resultar en una denegación de servicio o ataque de escalamiento de privilegios en el sistema. • http://www.securityfocus.com/bid/94595 https://support.lenovo.com/us/en/solutions/LEN_9903 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2016-5247
https://notcve.org/view.php?id=CVE-2016-5247
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key. El BIOS para Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93 y dispositivos M93P; ThinkServer RQ940, RS140, TS140, TS240, TS440 y dispositivos TS540; y ThinkStation E32, P300 y dispositivos P310 podría permitir a usuarios locales o atacantes físicamente próximos eludir el mecanismo de protección Secure Boot mediante el aprovechamiento de una llave test AMI. • http://www.securityfocus.com/bid/92661 https://support.lenovo.com/product_security/PS500067 • CWE-254: 7PK - Security Features •