CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24977
https://notcve.org/view.php?id=CVE-2024-24977
14 Aug 2024 — Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01126.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.9EPSS: 0%CPEs: 14EXPL: 0CVE-2023-45745
https://notcve.org/view.php?id=CVE-2023-45745
16 May 2024 — Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. La validación de entrada incorrecta en algún software de módulo Intel(R) TDX anterior a la versión 1.5.05.46.698 puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. • https://security.netapp.com/advisory/ntap-20240621-0003 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 94%CPEs: 398EXPL: 424CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
10 Dec 2021 — Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.... • https://packetstorm.news/files/id/171626 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2020-0597
https://notcve.org/view.php?id=CVE-2020-0597
15 Jun 2020 — Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 14.0.33 may allow an unauthenticated user to potentially enable denial of service via network access. Una lectura fuera de límites en el subsistema IPv6 en Intel® AMT e Intel® ISM versiones anteriores a 14.0.33, puede permitir a un usuario no autenticado habilitar potencialmente una denegación de servicio por medio de un acceso de red • https://security.netapp.com/advisory/ntap-20200611-0007 • CWE-125: Out-of-bounds Read •
CVSS: 5.6EPSS: 94%CPEs: 1467EXPL: 10CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have imp... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •