Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-0530

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-17 Apr, 2015 | 01:00
Updated At-06 Aug, 2024 | 04:10
Rejected At-
Credits

Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:17 Apr, 2015 | 01:00
Updated At:06 Aug, 2024 | 04:10
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://seclists.org/bugtraq/2015/Apr/103
mailing-list
x_refsource_BUGTRAQ
http://www.securitytracker.com/id/1032147
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://seclists.org/bugtraq/2015/Apr/103
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securitytracker.com/id/1032147
Resource:
vdb-entry
x_refsource_SECTRACK
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://seclists.org/bugtraq/2015/Apr/103
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securitytracker.com/id/1032147
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://seclists.org/bugtraq/2015/Apr/103
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securitytracker.com/id/1032147
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:17 Apr, 2015 | 01:59
Updated At:12 Apr, 2025 | 10:46

Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
ELAN Microelectronics Corporation
emc
>>networker>>Versions up to 8.0.4.3(inclusive)
cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.0
cpe:2.3:a:emc:networker:8.1.0.0:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.1
cpe:2.3:a:emc:networker:8.1.0.1:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.2
cpe:2.3:a:emc:networker:8.1.0.2:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.3
cpe:2.3:a:emc:networker:8.1.0.3:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.4
cpe:2.3:a:emc:networker:8.1.0.4:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.0.5
cpe:2.3:a:emc:networker:8.1.0.5:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.0
cpe:2.3:a:emc:networker:8.1.1.0:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.1
cpe:2.3:a:emc:networker:8.1.1.1:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.2
cpe:2.3:a:emc:networker:8.1.1.2:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.3
cpe:2.3:a:emc:networker:8.1.1.3:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.4
cpe:2.3:a:emc:networker:8.1.1.4:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.5
cpe:2.3:a:emc:networker:8.1.1.5:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.6
cpe:2.3:a:emc:networker:8.1.1.6:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.7
cpe:2.3:a:emc:networker:8.1.1.7:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.8
cpe:2.3:a:emc:networker:8.1.1.8:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.1.9
cpe:2.3:a:emc:networker:8.1.1.9:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.0
cpe:2.3:a:emc:networker:8.1.2.0:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.1
cpe:2.3:a:emc:networker:8.1.2.1:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.2
cpe:2.3:a:emc:networker:8.1.2.2:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.3
cpe:2.3:a:emc:networker:8.1.2.3:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.4
cpe:2.3:a:emc:networker:8.1.2.4:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.1.2.5
cpe:2.3:a:emc:networker:8.1.2.5:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.0
cpe:2.3:a:emc:networker:8.2.0.0:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.1
cpe:2.3:a:emc:networker:8.2.0.1:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.2
cpe:2.3:a:emc:networker:8.2.0.2:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.3
cpe:2.3:a:emc:networker:8.2.0.3:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.4
cpe:2.3:a:emc:networker:8.2.0.4:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.5
cpe:2.3:a:emc:networker:8.2.0.5:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.0.6
cpe:2.3:a:emc:networker:8.2.0.6:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.1.0
cpe:2.3:a:emc:networker:8.2.1.0:*:*:*:*:*:*:*
ELAN Microelectronics Corporation
emc
>>networker>>8.2.1.1
cpe:2.3:a:emc:networker:8.2.1.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://seclists.org/bugtraq/2015/Apr/103security_alert@emc.com
N/A
http://www.securitytracker.com/id/1032147security_alert@emc.com
N/A
http://seclists.org/bugtraq/2015/Apr/103af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1032147af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://seclists.org/bugtraq/2015/Apr/103
Source: security_alert@emc.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1032147
Source: security_alert@emc.com
Resource: N/A
Hyperlink: http://seclists.org/bugtraq/2015/Apr/103
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1032147
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

518Records found
CVE-2016-0909
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.98%
||
7 Day CHG~0.00%
Published-15 Nov, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-avamar_server_virtual_editionavamar_data_storeEMC Avamar Data Store (ADS) versions 7.3.0 and older, Avamar Virtual Edition (AVE) versions 7.3.0 and older
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0905
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.21% / 43.50%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-avamar_servern/a
CVE-2016-0920
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.55%
||
7 Day CHG~0.00%
Published-21 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-avamar_servern/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-4526
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.04% / 12.13%
||
7 Day CHG~0.00%
Published-10 Jul, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-recoverpoint_for_virtual_machinesn/a
CWE ID-CWE-284
Improper Access Control
CVE-2015-0528
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-29 Mar, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-isilon_onefsn/a
CVE-2018-1206
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.77%
||
7 Day CHG~0.00%
Published-12 Mar, 2018 | 17:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is "apollosuperuser." An attacker with local access to the server where DPA Datastore Service is installed and knowledge of the password may potentially gain unauthorized access to the database. Note: The Datastore Service database cannot be accessed remotely using this account.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-data_protection_advisorDell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-1182
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.58%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 15:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). It allows certain OS level users to execute arbitrary scripts with root level privileges.

Action-Not Available
Vendor-n/aRSA Security LLCELAN Microelectronics Corporation
Product-rsa_identity_governance_and_lifecyclersa_identity_management_and_governancersa_via_lifecycle_and_governanceEMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only)
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-6182
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.39%
||
7 Day CHG~0.00%
Published-28 Dec, 2013 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-replication_managern/a
CVE-2013-0940
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 7.19%
||
7 Day CHG-0.01%
Published-03 May, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkern/a
CVE-2012-2291
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 7.19%
||
7 Day CHG~0.00%
Published-21 Jan, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.

Action-Not Available
Vendor-n/aELAN Microelectronics CorporationHP Inc.Apple Inc.
Product-mac_os_xavamar_pluginavamarhp-uxn/a
CVE-2017-4985
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.06%
||
7 Day CHG~0.00%
Published-19 Jun, 2017 | 12:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attacker to run arbitrary commands as root on the targeted VNX Control Station system.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-vnx2vnx2_firmwarevnx1_firmwarevnx1EMC VNX2 versions prior to OE for File 8.1.9.211, EMC VNX1 versions prior to OE for File 7.1.80.8
CWE ID-CWE-862
Missing Authorization
CVE-2017-3757
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.42%
||
7 Day CHG~0.00%
Published-28 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

Action-Not Available
Vendor-ELAN Microelectronics CorporationLenovo Group Limited
Product-elan_touchpad_driverLenovo ElanTech Touchpad driver
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2006-2154
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-03 May, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-retrospectn/a
CVE-2017-14376
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.53%
||
7 Day CHG~0.00%
Published-01 Nov, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-appsyncEMC AppSync Server versions prior to 3.5.0.1
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2011-1420
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.30%
||
7 Day CHG~0.00%
Published-28 Mar, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aELAN Microelectronics CorporationOracle Corporation
Product-data_protection_advisor_collectorsolaris_sparcn/a
CVE-2016-9870
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.29%
||
7 Day CHG~0.00%
Published-23 Jan, 2017 | 06:49
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-isilon_onefsEMC Isilon OneFS
CWE ID-CWE-90
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CVE-2016-6649
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 39.84%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 07:24
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-recoverpoint_for_virtual_machinesrecoverpointEMC RecoverPoint and EMC RecoverPoint for Virtual Machines EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-6850
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.60%
||
7 Day CHG~0.00%
Published-28 Dec, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-vplex_geosynchronyn/a
CVE-2017-14380
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.39%
||
7 Day CHG~0.00%
Published-13 Dec, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-isilon_onefsEMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x
CWE ID-CWE-269
Improper Privilege Management
CVE-2011-2735
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.9||HIGH
EPSS-3.62% / 87.34%
||
7 Day CHG~0.00%
Published-23 Aug, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-autostartn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1741
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-10||HIGH
EPSS-24.61% / 95.91%
||
7 Day CHG~0.00%
Published-19 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted message over TCP.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-documentum_eroomn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1119
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-10||HIGH
EPSS-13.07% / 93.83%
||
7 Day CHG~0.00%
Published-15 Apr, 2009 | 19:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-replistorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-5419
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-24.24% / 95.87%
||
7 Day CHG~0.00%
Published-10 Dec, 2008 | 13:33
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-control_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3684
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.16% / 86.39%
||
7 Day CHG~0.00%
Published-22 Oct, 2009 | 15:26
Updated-17 Sep, 2024 | 04:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-documentum_applicationxtendern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8020
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-8.59% / 92.04%
||
7 Day CHG~0.00%
Published-28 Nov, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-scaleioEMC ScaleIO EMC ScaleIO 2.0.1.x version family (2.0.1.3, 2.0.1.2, 2.0.1.1, 2.0.1)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8022
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-1.82% / 82.11%
||
7 Day CHG~0.00%
Published-18 Oct, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkerEMC NetWorker prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, prior to 9.2.0.4
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0930
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.6||HIGH
EPSS-9.63% / 92.58%
||
7 Day CHG~0.00%
Published-31 Jan, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote attackers to execute arbitrary code via vectors involving a new device name.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-alphastorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0946
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.3||HIGH
EPSS-56.45% / 98.02%
||
7 Day CHG~0.00%
Published-10 May, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor 4.0 before build 910 allows remote attackers to execute arbitrary code via crafted commands.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-alphastorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-4607
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.3||HIGH
EPSS-10.14% / 92.81%
||
7 Day CHG~0.00%
Published-17 Jan, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2515
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.3||HIGH
EPSS-64.84% / 98.40%
||
7 Day CHG~0.00%
Published-05 Jul, 2012 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method.

Action-Not Available
Vendor-gen/aELAN Microelectronics Corporation
Product-captiva_quickscan_prodocumentum_applicationxtender_desktopintelligent_platforms_proficy_historianintelligent_platforms_si7_i\/o_driverintelligent_platforms_proficy_hmi\/scada_ifixintelligent_platforms_proficy_pulseintelligent_platforms_proficy_batch_executionn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2276
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-16.51% / 94.64%
||
7 Day CHG~0.00%
Published-14 May, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-documentum_information_rights_managementn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2277
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-31.19% / 96.60%
||
7 Day CHG~0.00%
Published-14 May, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-documentum_information_rights_managementn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6426
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.94% / 85.89%
||
7 Day CHG~0.00%
Published-21 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-replistorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5323
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.84% / 93.46%
||
7 Day CHG~0.00%
Published-11 Oct, 2007 | 00:00
Updated-07 Aug, 2024 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-replistorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0962
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-6.34% / 90.60%
||
7 Day CHG~0.00%
Published-14 Apr, 2008 | 16:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-diskxtendern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-3658
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.67% / 90.02%
||
7 Day CHG~0.00%
Published-18 Jan, 2006 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-legato_networkern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-0395
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-9.3||HIGH
EPSS-5.55% / 89.90%
||
7 Day CHG~0.00%
Published-27 Jan, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-0409
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-4.39% / 88.55%
||
7 Day CHG~0.00%
Published-01 Jun, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-autostartn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14385
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-19.27% / 95.13%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1; and EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2. EMC Data Domain DD OS contains a memory overflow vulnerability in SMBv1 which may potentially be exploited by an unauthenticated remote attacker. An attacker may completely shut down both the SMB service and active directory authentication. This may also allow remote code injection and execution.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-data_domaindata_domain_osEMC Data Domain DD OS EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6, EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9, EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21, EMC Data Domain Virtual Edition 2.0 family, all versions, EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1, EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-0152
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.34% / 55.62%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:06
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_platinum_8276lxeon_platinum_8153xeon_platinum_8170_firmwarexeon_bronze_3104_firmwarexeon_gold_6146xeon_gold_6126txeon_gold_6126f_firmwarexeon_gold_6140_firmwarexeon_platinum_8168_firmwarexeon_silver_4108_firmwarexeon_gold_5115xeon_gold_6238_firmwarexeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_w-2125xeon_w-2155_firmwarexeon_gold_5217_firmwarexeon_gold_6138xeon_gold_6246xeon_d-2163it_firmwarexeon_platinum_8164xeon_gold_6240_firmwarexeon_gold_5215mxeon_gold_5215xeon_platinum_8268_firmwarexeon_gold_6248_firmwarexeon_gold_6262vxeon_d-2143itxeon_d-2163itxeon_platinum_8168xeon_gold_6244_firmwarexeon_d-2161i_firmwarexeon_gold_5218xeon_gold_6238m_firmwarexeon_platinum_8284xeon_silver_4109txeon_gold_5215lxeon_silver_4215_firmwarexeon_gold_5122_firmwarexeon_gold_6138t_firmwarexeon_silver_4116_firmwarexeon_d-2173it_firmwarexeon_gold_6138fxeon_gold_5122xeon_platinum_8180_firmwarexeon_silver_4210_firmwarexeon_gold_6132_firmwarexeon_gold_6136_firmwarexeon_gold_6212u_firmwarexeon_gold_6212uxeon_gold_6126_firmwarexeon_platinum_8280mxeon_gold_6240l_firmwarexeon_silver_4114xeon_d-2123it_firmwarexeon_platinum_8276_firmwarexeon_bronze_3104xeon_gold_6240xeon_gold_6238lxeon_gold_6240lxeon_gold_6150_firmwarexeon_d-2173itxeon_platinum_8156xeon_d-2123itxeon_bronze_3106_firmwarexeon_d-2177nt_firmwarexeon_gold_6138_firmwarexeon_gold_5218n_firmwarexeon_gold_5220s_firmwarexeon_gold_5215_firmwarexeon_platinum_8260y_firmwarexeon_gold_6144_firmwarexeon_platinum_8274xeon_gold_6126fxeon_silver_4109t_firmwarexeon_gold_5218txeon_gold_6240y_firmwarexeon_gold_6150xeon_gold_6242_firmwarexeon_gold_6140xeon_silver_4114_firmwarexeon_gold_6230_firmwarexeon_d-2146ntxeon_platinum_8280l_firmwarexeon_platinum_8160fxeon_gold_6148f_firmwarexeon_w-2123_firmwarexeon_d-2145nt_firmwarexeon_gold_6210uxeon_d-2187ntxeon_gold_6126xeon_platinum_8158_firmwarexeon_d-2166nt_firmwarexeon_d-2166ntxeon_gold_5120_firmwarexeon_gold_6140m_firmwarexeon_silver_4216xeon_platinum_8253xeon_gold_6230xeon_w-2195xeon_gold_6134_firmwarexeon_gold_6130t_firmwarexeon_gold_6130f_firmwarexeon_d-2183itxeon_gold_6142fxeon_w-2145_firmwarexeon_d-2145ntxeon_platinum_8153_firmwarexeon_gold_6238xeon_gold_6126t_firmwarexeon_gold_6130xeon_platinum_8260mxeon_silver_4214y_firmwarexeon_silver_4208xeon_platinum_8260xeon_platinum_8160t_firmwarexeon_bronze_3204_firmwarexeon_silver_4214_firmwarexeon_d-2142it_firmwarexeon_w-2123xeon_gold_5220sxeon_platinum_8280m_firmwarexeon_d-2143it_firmwarexeon_platinum_9242xeon_platinum_9282xeon_platinum_8280lxeon_silver_4110xeon_platinum_9242_firmwarexeon_bronze_3204xeon_platinum_8280_firmwarexeon_silver_4108xeon_gold_6130txeon_silver_4210xeon_platinum_8256_firmwarexeon_gold_5217xeon_platinum_8276mxeon_gold_5218nxeon_gold_6246_firmwarexeon_gold_5222_firmwarexeon_gold_6138txeon_bronze_3106xeon_gold_6238mxeon_gold_5120xeon_gold_5220xeon_gold_6154_firmwarexeon_platinum_8160txeon_gold_6254xeon_silver_4209t_firmwarexeon_gold_6240yxeon_platinum_8176_firmwarexeon_gold_6154xeon_d-2141ixeon_gold_5215l_firmwarexeon_silver_4208_firmwarexeon_w-2195_firmwarexeon_platinum_8268xeon_gold_6252n_firmwarexeon_gold_5120t_firmwarexeon_gold_5222xeon_platinum_8270_firmwarexeon_silver_4209txeon_w-2133_firmwarexeon_silver_4116xeon_gold_6240mxeon_gold_6210u_firmwarexeon_gold_6252nxeon_gold_6244xeon_platinum_8160xeon_gold_5218t_firmwarexeon_gold_6248xeon_gold_5115_firmwarexeon_platinum_8260l_firmwarexeon_platinum_8156_firmwarexeon_gold_6226_firmwarexeon_platinum_8274_firmwarexeon_gold_5118_firmwarexeon_platinum_8280xeon_w-2135_firmwarexeon_gold_6152_firmwarexeon_gold_6146_firmwarexeon_platinum_8176f_firmwarexeon_gold_6148fxeon_gold_5218_firmwarexeon_gold_6132xeon_gold_6238t_firmwarexeon_platinum_8256xeon_gold_6152xeon_d-2146nt_firmwarexeon_platinum_8158xeon_gold_6238l_firmwarexeon_w-2155xeon_gold_5218b_firmwarexeon_w-2135xeon_gold_6222vxeon_w-2125_firmwarexeon_platinum_8176xeon_platinum_8160_firmwarexeon_gold_6242xeon_w-2175_firmwarexeon_silver_4112_firmwarexeon_w-2145xeon_gold_6262v_firmwarexeon_platinum_8260yxeon_platinum_8270xeon_platinum_8260m_firmwarexeon_gold_6148_firmwarexeon_gold_6128xeon_w-3175x_firmwarexeon_silver_4215xeon_gold_5220t_firmwarexeon_d-2142itxeon_platinum_8253_firmwarexeon_gold_5118xeon_gold_6130fxeon_gold_5220_firmwarexeon_gold_6240m_firmwarexeon_gold_5215m_firmwarexeon_silver_4214xeon_platinum_8276xeon_gold_6142f_firmwarexeon_gold_6238txeon_d-2161ixeon_platinum_8164_firmwarexeon_silver_4214yxeon_d-2141i_firmwarexeon_gold_5218bxeon_silver_4216_firmwarexeon_gold_6254_firmwarexeon_platinum_8276m_firmwarexeon_platinum_8176fxeon_platinum_8284_firmwarexeon_d-2187nt_firmwarexeon_gold_6209uxeon_silver_4112xeon_gold_6226xeon_gold_6130_firmwarexeon_gold_5120txeon_w-3175xxeon_gold_6252xeon_gold_6134xeon_gold_6222v_firmwarexeon_platinum_8160f_firmwarexeon_platinum_8260_firmwarexeon_w-2133xeon_gold_6252_firmwarexeon_d-2183it_firmwarexeon_gold_6148xeon_gold_6209u_firmwarexeon_silver_4110_firmwarexeon_platinum_8260lxeon_gold_6144xeon_gold_6140mxeon_platinum_9282_firmwarexeon_platinum_8180xeon_d-2177ntxeon_platinum_8276l_firmwarexeon_gold_6128_firmwarexeon_w-2175xeon_gold_5220t2019.2 IPU – Intel(R) Processor Security
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3396
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 40.83%
||
7 Day CHG~0.00%
Published-15 Sep, 2010 | 17:26
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-kingsoftn/a
Product-kingsoft_antivirusn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-9515
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.63% / 69.41%
||
7 Day CHG~0.00%
Published-02 Oct, 2018 | 19:00
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111641492 References: N/A

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3222
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-0.97% / 75.69%
||
7 Day CHG~0.00%
Published-13 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted LPC message that requests an LRPC connection from an LPC server to a client, aka "LPC Message Buffer Overrun Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2003windows_xpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-0151
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.34% / 55.62%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:07
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e5-2687w_v2_firmwarexeon_platinum_8153xeon_e3-1230_v5xeon_e5-1620_v2_firmwarexeon_e7-8893_v3xeon_e5-1630_v3_firmwarexeon_e3-1558l_v5xeon_bronze_3104_firmwarexeon_e5-4610_v4xeon_e7-8894_v4xeon_e5-2608l_v4_firmwarexeon_e3-1226_v3_firmwarexeon_gold_6146xeon_e5-2660_v3xeon_gold_6126f_firmwarexeon_e3-1240_v3_firmwarexeon_e5-2450_v2xeon_e7-8880l_v2xeon_platinum_8168_firmwarexeon_e3-1501l_v6_firmwarexeon_silver_4108_firmwarexeon_e5-2670_v2xeon_e5-1680_v3xeon_e-2124g_firmwarexeon_e5-2697_v4xeon_d-1527xeon_e5-2608l_v3_firmwarexeon_gold_5115xeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_e-2254me_firmwarexeon_w-2125core_i5-8400hcore_m-5y71_firmwarexeon_e5-2690_v2xeon_e3-1220_v2_firmwarexeon_e5-2648l_v2xeon_e5-4610_v3xeon_e7-8890_v3_firmwarexeon_e3-1220_v5_firmwarexeon_e7-8870_v3xeon_e-2276me_firmwarexeon_e5-4650_v4xeon_e7-8880_v4xeon_gold_6138xeon_e5-2448l_v2_firmwarexeon_e5-2620_v2_firmwarexeon_e3-1275l_v3_firmwarexeon_d-2163it_firmwarexeon_e5-1660_v4xeon_e5-2699r_v4_firmwarexeon_e7-8891_v4xeon_platinum_8164core_i7-9700xeon_d-1521_firmwarexeon_e5-1620_v2core_i7-6650u_firmwarexeon_e3-1280_v5xeon_e-2226gxeon_e3-1226_v3xeon_e5-2699r_v4xeon_e3-1265l_v2xeon_e5-2658a_v3_firmwarexeon_silver_4116t_firmwarexeon_d-1557_firmwarexeon_e7-4820_v2_firmwarexeon_e5-1680_v3_firmwarexeon_d-1518xeon_e3-1285l_v4_firmwarexeon_e5-1620_v3_firmwarexeon_e-2276m_firmwarecore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i7-6700texeon_e7-4830_v2xeon_e7-4830_v3_firmwarexeon_e3-1501l_v6xeon_e5-2609_v4_firmwarexeon_platinum_8168xeon_e5-2683_v4core_i7-7600uxeon_e5-1660_v3_firmwarexeon_e5-2640_v3xeon_e5-2608l_v4xeon_e-2224xeon_e-2186m_firmwarecore_i5-7y57_firmwarexeon_e5-2418l_v3_firmwarexeon_e3-1280_v3_firmwarexeon_e5-1620_v4xeon_e7-8880l_v3xeon_d-1567_firmwarexeon_e3-1230_v2_firmwarexeon_d-1567xeon_e5-2630l_v3xeon_e3-1505l_v6xeon_e-2278gexeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_gold_6138t_firmwarexeon_e-2134_firmwarexeon_silver_4116_firmwarexeon_d-2173it_firmwarexeon_gold_5122xeon_platinum_8180_firmwarexeon_e5-2699_v3core_i7-7600u_firmwarexeon_gold_6126_firmwarexeon_e5-4624l_v2_firmwarexeon_e3-1240_v5_firmwarexeon_e5-4640_v2xeon_e3-1285_v3_firmwarexeon_e5-2618l_v2_firmwarexeon_e5-4657l_v2core_i5-9500_firmwarexeon_e7-8870_v4_firmwarexeon_e5-4627_v4_firmwarexeon_e3-1558l_v5_firmwarexeon_e7-8870_v4xeon_e5-2609_v2_firmwarecore_i5-8400h_firmwarexeon_gold_6150_firmwarexeon_e3-1265l_v4xeon_platinum_8156core_i5-8600xeon_e5-2450l_v2_firmwarexeon_e-2136core_i7-9700kxeon_bronze_3106_firmwarexeon_e7-8893_v4_firmwarexeon_gold_6138_firmwarexeon_d-2177nt_firmwarexeon_d-1533n_firmwarexeon_e7-4860_v2_firmwarexeon_e5-2667_v4_firmwarexeon_e7-8893_v2xeon_e5-2667_v4core_m7-6y75xeon_e3-1285l_v4xeon_gold_6126fxeon_e5-2628l_v2xeon_e7-8870_v2xeon_d-1539xeon_silver_4109t_firmwarexeon_e3-1275_v5_firmwarexeon_e3-1535m_v5xeon_e5-1680_v4xeon_silver_4114_firmwarexeon_e7-4809_v3xeon_d-2146ntxeon_e3-1575m_v5_firmwarexeon_e5-2609_v2xeon_e3-1268l_v5core_i5-8600kxeon_platinum_8160fxeon_e7-4820_v3_firmwarexeon_d-1577_firmwarecore_i7-8700k_firmwarexeon_e-2124_firmwarecore_i7-8700_firmwarexeon_e3-1290_v2_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240_v6_firmwarexeon_e5-2658_v3xeon_e5-4660_v4xeon_e3-1501m_v6core_i5-8365uxeon_e3-1105c_v2_firmwarexeon_e3-1505m_v5_firmwarexeon_e-2226ge_firmwarexeon_d-2187ntxeon_e5-2643_v3_firmwarexeon_e5-4669_v4_firmwarexeon_platinum_8158_firmwarexeon_e5-2680_v2xeon_e5-2698_v3_firmwarexeon_e3-1270_v6xeon_gold_5120_firmwarexeon_e-2286mxeon_d-2166ntxeon_e3-1505m_v5xeon_e3-1280_v2_firmwarexeon_silver_4114t_firmwarexeon_w-2195xeon_e5-2403_v2_firmwarexeon_e5-2630l_v4xeon_gold_6134_firmwarexeon_e5-4667_v4core_i7-5650uxeon_e5-2628l_v4xeon_gold_6130t_firmwarexeon_e-2276gxeon_e5-2658_v2xeon_e-2186gxeon_d-2183itxeon_silver_4116txeon_e5-2690_v4_firmwarexeon_e-2174gxeon_e5-2630_v4xeon_e5-2687w_v2xeon_e5-4610_v3_firmwarexeon_e5-4667_v3xeon_e5-2609_v3_firmwarexeon_e7-4809_v2_firmwarecore_m-5y70xeon_e3-1280_v2xeon_w-2145_firmwarexeon_e3-1230_v6_firmwarexeon_e5-2643_v3xeon_e3-1220_v2xeon_e5-1650_v4xeon_d-2145ntxeon_e5-2630_v3xeon_gold_6126t_firmwarexeon_e5-4627_v2_firmwarexeon_e3-1275_v6_firmwarecore_i5-5300uxeon_e3-1585_v5xeon_e3-1225_v6_firmwarexeon_e5-2667_v2_firmwarexeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_w-2123xeon_e7-8890_v4_firmwarecore_i5-8600t_firmwarexeon_gold_5119t_firmwarexeon_e3-1220_v6_firmwarexeon_d-1513n_firmwarexeon_e5-2683_v3xeon_e5-2637_v2_firmwarexeon_gold_6142_firmwarexeon_e3-1535m_v6_firmwarexeon_e3-1265l_v4_firmwarecore_i7-5600uxeon_e5-2428l_v3_firmwarexeon_e5-1620_v4_firmwarexeon_gold_6130txeon_silver_4108xeon_e3-1280_v3core_i5-9600xeon_e3-1285_v3xeon_e5-2618l_v4_firmwarexeon_e5-2650_v3_firmwarexeon_e5-2637_v4_firmwarexeon_e3-1585l_v5_firmwarexeon_e3-1240l_v5_firmwarexeon_e5-2428l_v2xeon_e7-8867_v4xeon_e3-1225_v2_firmwarexeon_e5-2660_v3_firmwarecore_i5-7300u_firmwarecore_i5-8600_firmwarexeon_e3-1281_v3xeon_bronze_3106xeon_e-2224_firmwarexeon_e3-1240l_v3xeon_e-2274gxeon_e7-8880_v3core_i5-9500xeon_e-2278gelxeon_e3-1270_v2xeon_d-1540xeon_e3-1280_v6xeon_e3-1225_v3xeon_e7-8891_v3_firmwarecore_i7-6700t_firmwarexeon_e5-1650_v2xeon_e3-1245_v5_firmwarexeon_e5-2650l_v3_firmwarexeon_e5-2698_v4xeon_e7-4890_v2_firmwarexeon_platinum_8160txeon_d-1528xeon_e5-2697_v3xeon_e5-4603_v2xeon_e5-4627_v4xeon_e5-4620_v2_firmwarexeon_e3-1280_v6_firmwarexeon_e-2124core_i9-9880hxeon_e5-2620_v3_firmwarexeon_e5-2660_v4xeon_d-2141icore_i5-8500t_firmwarexeon_e3-1275_v3xeon_e7-4809_v2xeon_e7-4830_v4xeon_d-1541xeon_e5-2650_v4_firmwarexeon_e-2136_firmwarexeon_e-2276g_firmwarexeon_e3-1235l_v5_firmwarecore_i5-6300uxeon_e5-1660_v2xeon_e5-2690_v2_firmwarexeon_e-2276mexeon_e5-4620_v3_firmwarexeon_e5-2687w_v4xeon_e5-2630_v4_firmwarexeon_e-2274g_firmwarexeon_e5-4607_v2xeon_e3-1271_v3xeon_e5-2695_v2_firmwarexeon_w-2133_firmwarexeon_e5-4667_v3_firmwarexeon_e3-1220l_v3_firmwarexeon_e3-1275_v2_firmwarexeon_e3-1535m_v6xeon_e5-4667_v4_firmwarexeon_e3-1278l_v4_firmwarexeon_e5-2699a_v4_firmwarexeon_d-1548xeon_e3-1265l_v3xeon_d-1529core_i9-9900xeon_e5-2603_v4_firmwarexeon_e3-1220_v5xeon_platinum_8160xeon_gold_5115_firmwarexeon_platinum_8156_firmwarexeon_e5-4660_v4_firmwarexeon_e-2146g_firmwarexeon_e5-2403_v2xeon_e5-2428l_v3core_i7-8850h_firmwarecore_m7-6y75_firmwarexeon_gold_5118_firmwarexeon_e5-2667_v3_firmwarexeon_e5-4648_v3xeon_e7-4809_v4core_i7-9850h_firmwarexeon_gold_6146_firmwarexeon_gold_6148fxeon_e5-2630l_v4_firmwarexeon_e5-2640_v2xeon_e5-2407_v2_firmwarexeon_gold_6132xeon_e5-2618l_v3_firmwarecore_i7-6660u_firmwarexeon_e5-2618l_v4xeon_e7-8891_v4_firmwarexeon_e3-1258l_v4xeon_w-2155xeon_e-2278g_firmwarexeon_e-2276ml_firmwarexeon_e5-2623_v3_firmwarexeon_e5-2650l_v4_firmwarexeon_e-2224gxeon_w-2135xeon_platinum_8160_firmwarexeon_w-2145xeon_e7-8894_v4_firmwarexeon_e3-1231_v3_firmwarexeon_e5-2648l_v2_firmwarexeon_e-2226gecore_i7-6650uxeon_gold_6142xeon_e5-4650_v3_firmwarecore_m-5y71xeon_gold_6148_firmwarexeon_e5-4610_v4_firmwarecore_i7-8665u_firmwarexeon_e3-1585_v5_firmwarexeon_e-2176g_firmwarecore_i5-9400hxeon_e5-2620_v2xeon_e5-4640_v3_firmwarecore_i9-9900txeon_e5-2680_v4_firmwarexeon_e5-1428l_v2_firmwarexeon_e3-1286l_v3_firmwarexeon_e5-1630_v4_firmwarexeon_e3-1286_v3xeon_e7-8890_v2xeon_e3-1230_v3xeon_d-2161ixeon_e5-4603_v2_firmwarexeon_e3-1225_v3_firmwarexeon_e5-2640_v2_firmwarexeon_platinum_8164_firmwarexeon_d-2141i_firmwarexeon_e3-1585l_v5xeon_e5-2620_v3xeon_e5-2670_v3xeon_e7-2880_v2_firmwarexeon_e5-4640_v4_firmwarexeon_e5-2648l_v3xeon_e5-1680_v4_firmwarexeon_e3-1271_v3_firmwarexeon_e5-2609_v3xeon_e3-1275_v5core_i7-9700k_firmwarexeon_e3-1270_v2_firmwarexeon_e5-2438l_v3xeon_e3-1240_v5xeon_e-2288g_firmwarexeon_e5-2430_v2_firmwarexeon_e5-2450_v2_firmwarexeon_e5-2440_v2_firmwarexeon_e3-1230l_v3xeon_e3-1286_v3_firmwarexeon_e5-2660_v2_firmwarexeon_e5-2650_v3xeon_e-2246g_firmwarexeon_e5-2648l_v4xeon_e5-1650_v4_firmwarexeon_e-2176m_firmwarexeon_e-2174g_firmwarexeon_e5-4620_v4xeon_d-1513nxeon_d-1537xeon_e5-2683_v3_firmwarexeon_e3-1515m_v5xeon_d-2187nt_firmwarexeon_e3-1225_v5xeon_e7-8880_v4_firmwarexeon_e5-2630l_v2core_i5-8500xeon_d-1539_firmwarexeon_silver_4112xeon_d-1559xeon_gold_6130_firmwarexeon_e5-2667_v2xeon_e3-1515m_v5_firmwarexeon_e5-2618l_v2xeon_e7-4890_v2xeon_gold_5120txeon_e5-2630_v3_firmwarexeon_e7-4830_v2_firmwarexeon_w-3175xxeon_e3-1230l_v3_firmwarexeon_gold_6134xeon_e5-2628l_v3xeon_e-2254mexeon_platinum_8160f_firmwarexeon_e5-2448l_v2core_i5-6440hqxeon_e3-1258l_v4_firmwarecore_i7-7y75xeon_e5-2648l_v4_firmwarexeon_e5-4669_v3xeon_e7-8893_v2_firmwarexeon_e5-1660_v2_firmwarexeon_e-2286g_firmwarecore_i7-6700xeon_e3-1220_v3xeon_d-2183it_firmwarexeon_w-2133core_i5-7y57xeon_e5-4627_v3xeon_e7-2890_v2_firmwarexeon_e7-4850_v4xeon_gold_6148xeon_d-1557xeon_e3-1505m_v6xeon_gold_6144core_i5-9600k_firmwarecore_i9-9900t_firmwarexeon_e7-2870_v2_firmwarexeon_e7-4880_v2_firmwarexeon_e-2224g_firmwarexeon_e5-2670_v2_firmwarexeon_e7-8860_v3_firmwarexeon_d-1553n_firmwarexeon_gold_6128_firmwarexeon_e3-1578l_v5_firmwarexeon_e5-2687w_v3_firmwarexeon_e5-4627_v2xeon_platinum_8170_firmwarexeon_e-2276mxeon_e7-4860_v2core_i7-8665uxeon_e5-4620_v2xeon_e5-2470_v2_firmwarecore_i7-6600uxeon_e3-1220l_v2xeon_gold_6126txeon_gold_6140_firmwarexeon_e3-1565l_v5_firmwarexeon_e5-2630_v2_firmwarexeon_e3-1565l_v5xeon_e-2236core_i9-9880h_firmwarexeon_e5-4610_v2_firmwarecore_i7-8700t_firmwarexeon_e-2236_firmwarexeon_e5-2408l_v3xeon_e5-2643_v2_firmwarexeon_e-2126g_firmwarexeon_e3-1240_v6core_i7-8700xeon_w-2155_firmwarexeon_e7-4850_v3_firmwarexeon_e3-1285l_v3_firmwarexeon_e5-2640_v4_firmwarexeon_e5-1630_v4xeon_e5-4660_v3xeon_e7-2850_v2_firmwarexeon_e5-1428l_v2xeon_e5-2603_v2core_i7-6600u_firmwarexeon_e5-2603_v3_firmwarexeon_d-1527_firmwarexeon_e5-2697_v3_firmwarecore_i7-8700kxeon_e5-2407_v2xeon_e5-2683_v4_firmwarexeon_e3-1268l_v3xeon_e5-4628l_v4_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-2603_v3xeon_e7-4850_v4_firmwarexeon_e3-1270_v6_firmwarexeon_e5-2658_v3_firmwarecore_i5-8600k_firmwarexeon_e7-8870_v3_firmwarexeon_e3-1285_v6_firmwarexeon_e-2134xeon_e5-2667_v3xeon_e5-4655_v3xeon_e5-2650_v2xeon_e7-4820_v3xeon_e5-2620_v4_firmwarexeon_d-2143itxeon_e-2226g_firmwarexeon_d-2163itxeon_e5-2699_v4xeon_e3-1285_v6xeon_d-2161i_firmwarexeon_e3-1278l_v4xeon_e3-1225_v6xeon_e3-1220l_v3xeon_e5-2699_v3_firmwarexeon_e-2144g_firmwarexeon_silver_4109txeon_e5-2650l_v2_firmwarexeon_e5-2643_v4_firmwarexeon_e3-1240l_v5xeon_e3-1225_v5_firmwarexeon_e5-2690_v3xeon_e5-4655_v4xeon_gold_5122_firmwarexeon_e5-2658_v4xeon_gold_6138fxeon_e5-2440_v2xeon_e5-1630_v3xeon_gold_6132_firmwarexeon_gold_6136_firmwarexeon_e5-4650_v2_firmwarecore_i5-9600kxeon_e7-8893_v3_firmwarexeon_e3-1290_v2xeon_e3-1286l_v3xeon_e5-2418l_v2_firmwarexeon_e5-2680_v3xeon_e3-1125c_v2xeon_d-1531_firmwarexeon_e5-2697_v4_firmwarexeon_e7-4830_v3xeon_e5-2420_v2_firmwarexeon_silver_4114xeon_e5-4655_v3_firmwarexeon_d-2123it_firmwarexeon_e3-1245_v3xeon_e5-2698_v3xeon_e3-1245_v5xeon_e7-8880_v3_firmwarexeon_e3-1230_v2xeon_e5-2648l_v3_firmwarexeon_e7-8857_v2_firmwarexeon_bronze_3104xeon_d-1571xeon_e3-1265l_v2_firmwarexeon_e5-2699_v4_firmwarexeon_e5-2637_v3xeon_e7-8890_v2_firmwarexeon_e5-1620_v3core_i5-8350uxeon_e7-8880l_v3_firmwarecore_i5-7300ucore_i5-6440hq_firmwarexeon_e3-1505l_v6_firmwarexeon_e3-1240_v2xeon_e7-8850_v2_firmwarexeon_d-2173itxeon_d-2123itcore_i7-5600u_firmwarecore_i5-8500txeon_e-2246gxeon_e5-2670_v3_firmwarexeon_e5-2637_v4xeon_e3-1241_v3xeon_gold_6144_firmwarexeon_e5-2687w_v3xeon_e5-2695_v4_firmwarexeon_e5-1428l_v3_firmwarexeon_e3-1270_v5_firmwarexeon_e7-8890_v4xeon_e5-2680_v4core_i5-8350u_firmwarexeon_e5-4607_v2_firmwarexeon_e5-2630l_v3_firmwarexeon_e5-2697a_v4xeon_gold_6150xeon_e3-1535m_v5_firmwarexeon_e7-4809_v3_firmwarexeon_gold_6140xeon_e5-2690_v4core_i7-6820hq_firmwarexeon_e5-2609_v4xeon_e7-8891_v2xeon_e3-1220_v3_firmwarexeon_e5-2658_v4_firmwarexeon_e7-4850_v2xeon_e-2254mlxeon_e5-2660_v2xeon_e3-1545m_v5xeon_e5-1650_v2_firmwarexeon_gold_6148f_firmwarexeon_w-2123_firmwarexeon_d-2145nt_firmwarexeon_e3-1501m_v6_firmwarexeon_e-2254ml_firmwarexeon_e7-4870_v2xeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_d-1537_firmwarexeon_gold_6126xeon_d-1541_firmwarexeon_e3-1245_v3_firmwarexeon_d-2166nt_firmwarexeon_e3-1260l_v5xeon_e3-1246_v3core_i5-6500_firmwarexeon_e5-2699a_v4xeon_e5-2643_v4xeon_d-1548_firmwarexeon_e-2276mlxeon_gold_6130f_firmwarexeon_e5-2690_v3_firmwarexeon_e7-2870_v2xeon_e7-8860_v3xeon_e-2244gcore_i9-9900kxeon_d-1559_firmwarexeon_e-2176gxeon_e3-1125c_v2_firmwarexeon_e3-1275l_v3xeon_e5-4648_v3_firmwarexeon_e5-2698_v4_firmwarexeon_gold_6142fxeon_e5-2637_v2xeon_e7-4809_v4_firmwarecore_i7-7y75_firmwarexeon_e7-4870_v2_firmwarexeon_platinum_8153_firmwarexeon_e5-2697a_v4_firmwarexeon_e5-4650_v3xeon_e5-2650l_v4xeon_gold_6130xeon_d-1529_firmwarexeon_d-1540_firmwarexeon_e5-1650_v3_firmwarexeon_e7-8850_v2xeon_e5-2695_v2xeon_platinum_8160t_firmwarexeon_e5-4640_v2_firmwarecore_i7-5650u_firmwarexeon_e3-1245_v2xeon_d-2142it_firmwarexeon_e-2278ge_firmwarecore_i5-9500txeon_e5-2470_v2core_i7-8700txeon_d-2143it_firmwarexeon_e3-1280_v5_firmwarexeon_e5-2420_v2core_i7-6820hqxeon_e3-1270_v3_firmwarexeon_e7-4850_v3xeon_silver_4110core_i7-8650uxeon_d-1523n_firmwarexeon_e5-2697_v2xeon_e5-2430_v2xeon_e5-4627_v3_firmwarexeon_gold_5119txeon_e-2286m_firmwarecore_i7-6700txeon_e7-8880l_v2_firmwarecore_i7-6920hqxeon_e5-4669_v3_firmwarexeon_e5-2408l_v3_firmwarexeon_e7-8870_v2_firmwarexeon_e3-1230_v6xeon_e5-2687w_v4_firmwarexeon_e7-8867_v3_firmwarecore_i7-6700_firmwarexeon_e-2234_firmwarexeon_e5-2430l_v2xeon_e5-2628l_v2_firmwarexeon_e3-1245_v2_firmwarexeon_e7-2850_v2xeon_e5-2620_v4xeon_e7-4820_v4_firmwarexeon_gold_6138txeon_e-2186g_firmwarexeon_e3-1276_v3xeon_gold_5120xeon_e-2124gxeon_e5-2618l_v3xeon_e3-1230_v3_firmwarexeon_e3-1270_v3xeon_d-1523nxeon_e5-2608l_v3xeon_e3-1231_v3xeon_e5-4660_v3_firmwarexeon_e-2288gxeon_e7-8880_v2xeon_e7-8891_v2_firmwarexeon_gold_6154_firmwarexeon_e-2234xeon_e7-8860_v4_firmwarexeon_e5-4650_v2xeon_d-1577xeon_silver_4114tcore_i7-9850hcore_i7-9700t_firmwarexeon_e5-4669_v4xeon_platinum_8176_firmwarexeon_gold_6154xeon_d-1543n_firmwarexeon_e5-2640_v4xeon_w-2195_firmwarexeon_e7-8893_v4xeon_gold_5120t_firmwarexeon_e3-1240_v2_firmwarexeon_e5-1650_v3xeon_e5-2630_v2xeon_e3-1276_v3_firmwarexeon_e3-1105c_v2xeon_e7-8891_v3xeon_e5-2640_v3_firmwarecore_m5-6y57xeon_d-1553nxeon_e-2126gxeon_d-1571_firmwarecore_i7-6920hq_firmwarexeon_e5-4620_v3core_i7-9700txeon_silver_4116xeon_e7-4820_v4xeon_e3-1268l_v3_firmwarexeon_e3-1240_v3xeon_e3-1220l_v2_firmwarexeon_e5-2650_v2_firmwarexeon_e5-2695_v3core_i5-6500core_i7-8650u_firmwarexeon_e5-2658_v2_firmwarexeon_d-1518_firmwarexeon_e3-1220_v6core_i9-9900k_firmwarecore_m-5y70_firmwarexeon_w-2135_firmwarexeon_e3-1246_v3_firmwarexeon_e3-1225_v2xeon_e-2186mxeon_e5-2438l_v3_firmwarexeon_gold_6152_firmwarexeon_e5-2603_v2_firmwarexeon_e5-1660_v3xeon_platinum_8176f_firmwarexeon_d-1520xeon_e-2176mxeon_e3-1285_v4xeon_e5-4657l_v2_firmwarexeon_e3-1265l_v3_firmwarexeon_d-2146nt_firmwarexeon_gold_6152xeon_e3-1230_v5_firmwarexeon_e5-2623_v3xeon_e7-4830_v4_firmwarexeon_platinum_8158xeon_e3-1275_v3_firmwarexeon_e5-2418l_v3xeon_e5-2658a_v3xeon_e7-8857_v2xeon_e-2286gxeon_e5-2680_v2_firmwarexeon_e7-2890_v2xeon_w-2125_firmwarexeon_d-1520_firmwarexeon_e3-1268l_v5_firmwarecore_i5-8365u_firmwarexeon_platinum_8176xeon_w-2175_firmwarecore_i7-6700te_firmwarexeon_silver_4112_firmwarexeon_e3-1241_v3_firmwarexeon_e3-1275_v6xeon_e5-4610_v2xeon_e7-4820_v2xeon_d-1531xeon_e-2244g_firmwarexeon_e3-1575m_v5core_i5-6360u_firmwarexeon_e5-2660_v4_firmwarexeon_e-2278gxeon_e5-2650_v4xeon_e3-1505l_v5xeon_d-1533nxeon_e7-8867_v3xeon_e7-8880_v2_firmwarexeon_e5-2450l_v2xeon_e3-1245_v6xeon_gold_6128xeon_w-3175x_firmwarexeon_d-2142itcore_i7-8850hxeon_gold_5118xeon_e5-2695_v4xeon_gold_6130fcore_i5-5350uxeon_e3-1281_v3_firmwarexeon_e5-4624l_v2core_i9-9900_firmwarexeon_e3-1505m_v6_firmwarexeon_e3-1545m_v5_firmwarexeon_gold_6142f_firmwarexeon_e3-1235l_v5xeon_e5-2603_v4xeon_e5-2643_v2xeon_e5-2695_v3_firmwarexeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e5-2630l_v2_firmwarexeon_e5-2418l_v2xeon_e7-8860_v4core_i5-8500_firmwarexeon_e3-1285l_v3xeon_e5-2650l_v2xeon_e5-2680_v3_firmwarexeon_gold_6138pcore_i5-5300u_firmwarexeon_e5-2430l_v2_firmwarexeon_gold_6138p_firmwarecore_i5-6300u_firmwarexeon_platinum_8176fxeon_e7-4880_v2xeon_e7-8867_v4_firmwarexeon_e3-1240l_v3_firmwarexeon_e7-4850_v2_firmwarecore_i5-9400h_firmwarexeon_e7-8890_v3xeon_e3-1275_v2xeon_e5-2623_v4_firmwarexeon_e3-1285_v4_firmwarexeon_e3-1505l_v5_firmwarexeon_e5-2697_v2_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_e-2278gel_firmwarecore_i5-5350u_firmwarecore_i5-6360uxeon_e3-1245_v6_firmwarexeon_d-1521xeon_e-2144gcore_i5-9500t_firmwarecore_m5-6y57_firmwarexeon_e5-2637_v3_firmwarexeon_e5-2428l_v2_firmwarexeon_e5-4640_v3xeon_e5-4650_v4_firmwarecore_i5-9600txeon_silver_4110_firmwarecore_i5-8600txeon_e5-1428l_v3core_i7-9700_firmwarexeon_platinum_8180xeon_d-2177ntxeon_e-2146gxeon_e5-2628l_v3_firmwarexeon_e5-2650l_v3xeon_w-2175xeon_e7-2880_v22019.2 IPU – Intel(R) Processor Security
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-0119
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.79%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_board_s7200aphns2600kp_firmwarexeon_d-1627_firmwarehns2600tpnr_firmwarexeon_d-1527xeon_gold_processors_firmwarexeon_silver_processorsxeon_d-1523nserver_board_s2600kphns2600jff_firmwarexeon_d-1540xeon_d-1653nxeon_d-2163it_firmwareserver_board_s2600cw_firmwarexeon_d-1528xeon_d-1637xeon_d-1577xeon_d-1521_firmwarexeon_d-1527_firmwarexeon_d-2141ixeon_d-1557_firmwarexeon_d-1541hns2600bpq24_firmwarexeon_d-1543n_firmwarexeon_d-1518xeon_d-1633n_firmwarehns2600bpb24hns2600tpfrhns2600bpblc24xeon_d-2143ithns7200ap_firmwarexeon_d-2163itxeon_d-1653n_firmwareserver_board_s1200sphns2600kpr_firmwarexeon_d-2161i_firmwarehns2600tpfr_firmwarehns2600jf_firmwarexeon_d-1553nserver_board_s2600st_firmwarehns2600tpfxeon_d-1567_firmwaremfs5000si_firmwarexeon_d-1571_firmwarehns2600tp_firmwarexeon_d-1567server_board_s2600tpxeon_d-1633nhns2600bpbxeon_d-1548xeon_d-2173it_firmwarexeon_d-1649nxeon_d-1529hns7200aprlhns2600tp24str_firmwarehns2600wpq_firmwarexeon_bronze_processorsxeon_d-2191xeon_d-1531_firmwarexeon_d-1518_firmwarexeon_d-2123it_firmwarexeon_platinum_processorsxeon_silver_processors_firmwarehns2600kphns2600kpfxeon_platinum_processors_firmwarehns7200aplhns2400lpxeon_d-1520xeon_d-1571mfs5000sixeon_d-2146nt_firmwareserver_board_s2600sthns2600bpb24_firmwarexeon_d-2173itserver_board_s1200sp_firmwaremfs2600kixeon_d-2123ithns2600tp24strxeon_d-2177nt_firmwarexeon_gold_processorsxeon_d-1627xeon_d-1533n_firmwarexeon_d-1520_firmwareserver_board_s2600wt_firmwarehns2600bpblc24_firmwarexeon_d-1623nxeon_d-1531xeon_d-1602hns7200aphns2600tprserver_board_s2600tp_firmwaremfs5520vir_firmwarehns2600wp_firmwarexeon_d-1539xeon_d-1533nhns2600tpf_firmwareserver_board_s2600cwhns2600bpq_firmwarehns2600bpqmfs5520virxeon_d-2142itserver_board_s2600wthns2600bps_firmwarexeon_d-1622_firmwarexeon_d-1649n_firmwarehns2600bpblcxeon_d-2146ntxeon_d-1577_firmwarexeon_d-2145nt_firmwarehns2600jffhns2600wpqxeon_d-2161ixeon_d-2141i_firmwarehns2600wpxeon_d-2187nthns2600kpfrhns2600kprhns7200apl_firmwarexeon_d-1537_firmwarexeon_bronze_processors_firmwareserver_board_s2600bpxeon_d-1541_firmwarehns2600bpsserver_board_s2600bp_firmwarehns2600bpblc_firmwarexeon_d-2166nt_firmwarehns2600bps24xeon_d-2166nthns2600bpq24xeon_d-1623n_firmwarehns2600tpxeon_d-1548_firmwarehns7200apr_firmwarehns2600tpnrxeon_d-2183ithns2600tpr_firmwarehns2600jfq_firmwarexeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_d-1622xeon_d-1559_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_d-1539_firmwaremfs2600ki_firmwarexeon_d-1559xeon_d-1521hns2600kpfr_firmwareserver_board_s2600wfxeon_d-2145ntxeon_d-2191_firmwarehns7200aprl_firmwarexeon_d-1529_firmwarexeon_d-1540_firmwarexeon_d-1637_firmwarehns2600jfserver_board_s7200ap_firmwarehns7200aprhns2600tp24srserver_board_s2600kp_firmwarehns2400lp_firmwarehns2600wpf_firmwarexeon_d-2142it_firmwarexeon_d-2183it_firmwarehns2600bpb_firmwarehns2600jfqxeon_d-2143it_firmwareserver_system_s9200wkxeon_d-1557server_system_s9200wk_firmwarehns2600tp24rhns2600kpf_firmwarehns2600wpfxeon_d-1513n_firmwarexeon_d-1602_firmwarexeon_d-1523n_firmwareserver_board_s2600wf_firmwarehns2600bps24_firmwarexeon_d-2177ntxeon_d-1553n_firmwarehns2600tp24sr_firmwarehns2600tp24r_firmwareIntel(R) Unified Extensible Firmware Interface (UEFI)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3110
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 12.12%
||
7 Day CHG~0.00%
Published-12 Oct, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aNovellopenSUSE
Product-suse_linuxopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3084
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.58%
||
7 Day CHG~0.00%
Published-29 Sep, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8920
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.05%
||
7 Day CHG~0.00%
Published-28 Jan, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-i_accessn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2489
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.87%
||
7 Day CHG~0.00%
Published-09 Jul, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.

Action-Not Available
Vendor-n/aRubyMicrosoft Corporation
Product-windowsrubyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3081
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-14.75% / 94.23%
||
7 Day CHG~0.00%
Published-24 Sep, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)Linux Kernel Organization, IncSUSE
Product-linux_kernelsuse_linux_enterprise_desktopsuse_linux_enterprise_serveresxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found