Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-1999-0038

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Sep, 1999 | 04:00
Updated At-12 Sep, 2024 | 14:37
Rejected At-
Credits

Buffer overflow in xlock program allows local users to execute commands as root.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Sep, 1999 | 04:00
Updated At:12 Sep, 2024 | 14:37
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in xlock program allows local users to execute commands as root.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
x_refsource_MISC
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
x_refsource_MISC
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
IBM Corporationibm
Product
xlock
CPEs
  • cpe:2.3:a:ibm:xlock:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Apr, 1997 | 04:00
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in xlock program allows local users to execute commands as root.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
data_general
data_general
>>dg_ux>>1.0
cpe:2.3:a:data_general:dg_ux:1.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>2.0
cpe:2.3:a:data_general:dg_ux:2.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>3.0
cpe:2.3:a:data_general:dg_ux:3.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>4.0
cpe:2.3:a:data_general:dg_ux:4.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>5.0
cpe:2.3:a:data_general:dg_ux:5.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>6.0
cpe:2.3:a:data_general:dg_ux:6.0:*:*:*:*:*:*:*
data_general
data_general
>>dg_ux>>7.0
cpe:2.3:a:data_general:dg_ux:7.0:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.0
cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.0.1
cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.1
cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.1.1
cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.2
cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.3
cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>5.3
cpe:2.3:o:sgi:irix:5.3:*:xfs:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.0
cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.0.1
cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.0.1
cpe:2.3:o:sgi:irix:6.0.1:*:xfs:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.1
cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.3
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.4
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
bsdi
bsdi
>>bsd_os>>2.1
cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>0.93
cpe:2.3:o:debian:debian_linux:0.93:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>1.1
cpe:2.3:o:debian:debian_linux:1.1:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>1.2
cpe:2.3:o:debian:debian_linux:1.2:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>1.3
cpe:2.3:o:debian:debian_linux:1.3:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.00
cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.01
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.08
cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.10
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.16
cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.24
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.30
cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.34
cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.2
cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1
cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.2
cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.4
cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5
cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5.1
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5.1
cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.3
cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.4
cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5
cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5.1
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1265Records found
CVE-2017-11176
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-14.79% / 94.25%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2008-0930
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.02% / 4.62%
||
7 Day CHG~0.00%
Published-04 Mar, 2008 | 00:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-freshmeatn/aDebian GNU/Linux
Product-debian_linuxxwinen/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-4008
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.15%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1601
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.83%
||
7 Day CHG~0.00%
Published-31 Mar, 2008 | 23:00
Updated-07 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-3204
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.26%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2020-26880
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.02%
||
7 Day CHG~0.00%
Published-07 Oct, 2020 | 17:33
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.

Action-Not Available
Vendor-sympan/aDebian GNU/LinuxFedora Project
Product-debian_linuxsympafedoran/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2007-0978
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.15%
||
7 Day CHG~0.00%
Published-16 Feb, 2007 | 01:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2012-3199
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.26%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gnome Trusted Extension.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2012-2291
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 7.28%
||
7 Day CHG~0.00%
Published-21 Jan, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.

Action-Not Available
Vendor-n/aELAN Microelectronics CorporationHP Inc.Apple Inc.
Product-mac_os_xavamar_pluginavamarhp-uxn/a
CVE-2012-2188
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.00%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character.

Action-Not Available
Vendor-n/aIBM Corporation
Product-power_hardware_management_console_firmwaresystems_director_management__console_firmwaren/a
CVE-2019-4294
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.10% / 28.41%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 18:25
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188.

Action-Not Available
Vendor-IBM Corporation
Product-datapower_gatewaymq_applianceDataPower GatewayMQ Appliance
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-4078
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.4||HIGH
EPSS-0.11% / 30.19%
||
7 Day CHG~0.00%
Published-23 May, 2019 | 14:05
Updated-16 Sep, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqMQ
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2012-0745
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 24.83%
||
7 Day CHG~0.00%
Published-04 May, 2012 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-viosaixn/a
CVE-2023-38721
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.02% / 3.80%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 17:25
Updated-09 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM i privilege escalation

The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.

Action-Not Available
Vendor-IBM Corporation
Product-ii
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-39299
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareelitebook_836_g6prodesk_405_g8_small_form_factor_pczbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwareelitebook_830_g5z8_g4_workstation_firmwarezhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwarezbook_fury_15_g8mp9_g4_retail_systemprobook_640_g7_firmwareelitebook_840_g6zhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pczbook_fury_15_g7_firmwarez4_g4_workstation_\(core-x\)_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7elitebook_840_g5_healthcare_editionprodesk_480_g6_microtower_pc_firmwareproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7zbook_15u_g6_firmwareproone_400_g6_24_all-in-one_pc_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprobook_440_g8prodesk_600_g4_desktop_mini_pcprobook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6probook_450_g6prodesk_600_g5_desktop_mini_pc_firmwareprodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5zbook_studio_g5z6_g4_workstation_firmwareprodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareelitebook_x360_830_g8_firmwareprodesk_600_g6_desktop_mini_pczhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7probook_450_g8_firmwareproone_400_g5_23.8-inch_all-in-one_business_pcprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitebook_836_g5elitedesk_800_g5_small_form_factor_pc_firmwareelitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwarezbook_firefly_14_g8elitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwareelitebook_x360_1040_g5_firmwareprobook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5zbook_power_g7z1_g8_tower_desktop_pcprobook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionprobook_440_g8_firmwareelitedesk_800_35w_g4_desktop_mini_pc_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-1999-0050
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 55.88%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP-UX newgrp program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2006-5011
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 12.12%
||
7 Day CHG~0.00%
Published-27 Sep, 2006 | 01:00
Updated-07 Aug, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2021-39301
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.25% / 48.56%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareelitebook_836_g6prodesk_405_g8_small_form_factor_pczbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwarez8_g4_workstation_firmwareelitebook_830_g5zhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwaremp9_g4_retail_systemzbook_fury_15_g8probook_640_g7_firmwareelitebook_840_g6zhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pcz4_g4_workstation_\(core-x\)_firmwarezbook_fury_15_g7_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7elitebook_840_g5_healthcare_editionprodesk_480_g6_microtower_pc_firmwareproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7zbook_15u_g6_firmwareproone_400_g6_24_all-in-one_pc_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprobook_440_g8prodesk_600_g4_desktop_mini_pcprobook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6probook_450_g6prodesk_600_g5_desktop_mini_pc_firmwareprodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5z6_g4_workstation_firmwarezbook_studio_g5prodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareelitebook_x360_830_g8_firmwareprodesk_600_g6_desktop_mini_pczhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7probook_450_g8_firmwareproone_400_g5_23.8-inch_all-in-one_business_pcprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitebook_836_g5elitedesk_800_g5_small_form_factor_pc_firmwareelitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g5_firmwareelitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwarezbook_firefly_14_g8probook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5z1_g8_tower_desktop_pczbook_power_g7probook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionprobook_440_g8_firmwareelitedesk_800_35w_g4_desktop_mini_pc_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2021-39300
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.99%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareelitebook_836_g6prodesk_405_g8_small_form_factor_pczbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwarez8_g4_workstation_firmwareelitebook_830_g5zhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwaremp9_g4_retail_systemzbook_fury_15_g8probook_640_g7_firmwareelitebook_840_g6zhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pcz4_g4_workstation_\(core-x\)_firmwarezbook_fury_15_g7_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7elitebook_840_g5_healthcare_editionprodesk_480_g6_microtower_pc_firmwareproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7zbook_15u_g6_firmwareproone_400_g6_24_all-in-one_pc_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprobook_440_g8prodesk_600_g4_desktop_mini_pcprobook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6probook_450_g6prodesk_600_g5_desktop_mini_pc_firmwareprodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5z6_g4_workstation_firmwarezbook_studio_g5prodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareelitebook_x360_830_g8_firmwareprodesk_600_g6_desktop_mini_pczhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7probook_450_g8_firmwareproone_400_g5_23.8-inch_all-in-one_business_pcprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitebook_836_g5elitedesk_800_g5_small_form_factor_pc_firmwareelitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g5_firmwareelitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwarezbook_firefly_14_g8probook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5z1_g8_tower_desktop_pczbook_power_g7probook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionprobook_440_g8_firmwareelitedesk_800_35w_g4_desktop_mini_pc_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2008-0587
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.13%
||
7 Day CHG~0.00%
Published-05 Feb, 2008 | 02:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-38280
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2023 | 01:03
Updated-16 Sep, 2024 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Power HMC privilege escalation

IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 260740.

Action-Not Available
Vendor-IBM Corporation
Product-hardware_management_consolePower HMC
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-16995
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-82.85% / 99.20%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-39297
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.51%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareprodesk_405_g8_small_form_factor_pcelitebook_836_g6zbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwarez8_g4_workstation_firmwareelitebook_830_g5zhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwaremp9_g4_retail_systemzbook_fury_15_g8probook_640_g7_firmwarezhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_840_g6elitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pcz4_g4_workstation_\(core-x\)_firmwarezbook_fury_15_g7_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7prodesk_480_g6_microtower_pc_firmwareelitebook_840_g5_healthcare_editionproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7proone_400_g6_24_all-in-one_pc_firmwarezbook_15u_g6_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprodesk_600_g4_desktop_mini_pcprobook_440_g8probook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6prodesk_600_g5_desktop_mini_pc_firmwareprobook_450_g6prodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5z6_g4_workstation_firmwarezbook_studio_g5prodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareprodesk_600_g6_desktop_mini_pcelitebook_x360_830_g8_firmwarezhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7proone_400_g5_23.8-inch_all-in-one_business_pcprobook_450_g8_firmwareprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitedesk_800_g5_small_form_factor_pc_firmwareelitebook_836_g5elitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g5_firmwareelitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwarezbook_firefly_14_g8probook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5z1_g8_tower_desktop_pczbook_power_g7probook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionelitedesk_800_35w_g4_desktop_mini_pc_firmwareprobook_440_g8_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2008-0162
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.59%
||
7 Day CHG~0.00%
Published-22 Feb, 2008 | 21:00
Updated-07 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.

Action-Not Available
Vendor-sam_lantingan/aDebian GNU/Linux
Product-splitvtdebian_linuxn/a
CWE ID-CWE-264
Not Available
CVE-2011-3123
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 8.92%
||
7 Day CHG~0.00%
Published-10 Aug, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIBM Corporation
Product-infosphere_information_serverinfosphere_datastagelinux_kerneln/a
CVE-2017-16996
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.48%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxLinux kernel through 4.14.8
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-3124
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.31%
||
7 Day CHG~0.00%
Published-10 Aug, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIBM Corporation
Product-infosphere_information_serverinfosphere_datastagelinux_kerneln/a
CVE-2002-0631
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.15% / 36.39%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2017-16527
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.12% / 31.99%
||
7 Day CHG~0.00%
Published-04 Nov, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2023-35897
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.02% / 3.79%
||
7 Day CHG~0.00%
Published-06 Oct, 2023 | 13:06
Updated-19 Sep, 2024 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Spectrum Protect code execution

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.

Action-Not Available
Vendor-IBM Corporation
Product-storage_protectstorage_protect_clientStorage Protect ClientStorage Protect for Virtual Environmentsstorage_protectstorage_protect_client
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2006-5009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.72%
||
7 Day CHG~0.00%
Published-27 Sep, 2006 | 01:00
Updated-07 Aug, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2008-0588
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.27%
||
7 Day CHG~0.00%
Published-05 Feb, 2008 | 02:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-264
Not Available
CVE-2008-0706
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-31 Mar, 2008 | 23:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.

Action-Not Available
Vendor-compaqn/aHP Inc.
Product-presario_c700g7000hpqflash_for_hp_notebook_system_biospresario_a900n/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-16532
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.08% / 25.39%
||
7 Day CHG~0.00%
Published-04 Nov, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-16525
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.10% / 28.97%
||
7 Day CHG~0.00%
Published-04 Nov, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2008-0302
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.53%
||
7 Day CHG~0.00%
Published-17 Jan, 2008 | 01:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-apt-listchangesn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-6601
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 56.12%
||
7 Day CHG~0.00%
Published-09 Jan, 2008 | 21:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.

Action-Not Available
Vendor-n/aThe PostgreSQL Global Development GroupFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxpostgresqln/a
CWE ID-CWE-287
Improper Authentication
CVE-2008-0586
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.19%
||
7 Day CHG~0.00%
Published-05 Feb, 2008 | 02:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0697
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.31%
||
7 Day CHG~0.00%
Published-12 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CWE ID-CWE-264
Not Available
CVE-2007-6717
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-10 Sep, 2008 | 15:00
Updated-07 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0584
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.15%
||
7 Day CHG~0.00%
Published-05 Feb, 2008 | 02:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-264
Not Available
CVE-2002-0089
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.60%
||
7 Day CHG~0.00%
Published-07 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2008-0368
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.00%
||
7 Day CHG~0.00%
Published-18 Jan, 2008 | 23:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument.

Action-Not Available
Vendor-n/aIBM Corporation
Product-informix_dynamic_servern/a
CVE-2007-6046
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.31%
||
7 Day CHG~0.00%
Published-20 Nov, 2007 | 20:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.

Action-Not Available
Vendor-unixn/aIBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsunixlinux_kerneldb2_universal_databasen/a
CVE-2007-5730
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.61%
||
7 Day CHG~0.00%
Published-30 Oct, 2007 | 22:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxQEMUXen Project
Product-xendebian_linuxqemun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2007-5946
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 10.14%
||
7 Day CHG~0.00%
Published-14 Nov, 2007 | 01:00
Updated-07 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2006-1246
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.89%
||
7 Day CHG~0.00%
Published-17 Mar, 2006 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2007-5764
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.93%
||
7 Day CHG~0.00%
Published-25 Jan, 2008 | 00:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6049
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 20.21%
||
7 Day CHG~0.00%
Published-20 Nov, 2007 | 20:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.

Action-Not Available
Vendor-unixn/aIBM CorporationLinux Kernel Organization, Inc
Product-db2_universal_databaseunixlinux_kerneln/a
CWE ID-CWE-264
Not Available
CVE-2007-6211
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 25.73%
||
7 Day CHG~0.00%
Published-04 Dec, 2007 | 01:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation.

Action-Not Available
Vendor-singn/aDebian GNU/Linux
Product-singdebian_linuxn/a
CWE ID-CWE-264
Not Available
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 25
  • 26
  • Next
Details not found