Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-7440

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Dec, 2016 | 16:00
Updated At-06 Aug, 2024 | 01:57
Rejected At-
Credits

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Dec, 2016 | 16:00
Updated At:06 Aug, 2024 | 01:57
Rejected At:
▼CVE Numbering Authority (CNA)

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
x_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3706
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/bid/93659
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id/1037050
vdb-entry
x_refsource_SECTRACK
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
x_refsource_CONFIRM
Hyperlink: https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2016/dsa-3706
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/bid/93659
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1037050
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
x_refsource_CONFIRM
x_transferred
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2016/dsa-3706
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/bid/93659
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id/1037050
vdb-entry
x_refsource_SECTRACK
x_transferred
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
x_refsource_CONFIRM
x_transferred
Hyperlink: https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2016/dsa-3706
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/93659
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1037050
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Dec, 2016 | 16:59
Updated At:12 Apr, 2025 | 10:46

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
MariaDB Foundation
mariadb
>>mariadb>>Versions from 5.5.0(inclusive) to 5.5.53(exclusive)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
MariaDB Foundation
mariadb
>>mariadb>>Versions from 10.0.0(inclusive) to 10.0.28(exclusive)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
MariaDB Foundation
mariadb
>>mariadb>>Versions from 10.1.0(inclusive) to 10.1.19(exclusive)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>Versions from 5.5.0(inclusive) to 5.5.52(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>Versions from 5.6.0(inclusive) to 5.6.33(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>Versions from 5.7.0(inclusive) to 5.7.15(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
wolfssl
wolfssl
>>wolfssl>>Versions before 3.9.10(exclusive)
cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.debian.org/security/2016/dsa-3706cve@mitre.org
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlcve@mitre.org
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93659cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037050cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/cve@mitre.org
Third Party Advisory
https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.htmlcve@mitre.org
Vendor Advisory
http://www.debian.org/security/2016/dsa-3706af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
http://www.securityfocus.com/bid/93659af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037050af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3706
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/93659
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1037050
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3706
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/93659
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1037050
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://wolfssl.com/wolfSSL/Blog/Entries/2016/9/26_wolfSSL_3.9.10_Vulnerability_Fixes.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

328Records found
CVE-2022-2905
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.83%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-29647
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 27.26%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 20:36
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2021-29155
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 46.84%
||
7 Day CHG~0.00%
Published-20 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2007-0296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.36% / 57.14%
||
7 Day CHG~0.00%
Published-17 Jan, 2007 | 02:00
Updated-07 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47.11, and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-enterpriseonepeoplesoft_enterprisen/a
CVE-2017-10213
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-0.18% / 40.44%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Hospitality Suite8 executes to compromise Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hospitality Suite8 accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_suite8Hospitality Suite8
CVE-2012-5644
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.84%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:28
Updated-06 Aug, 2024 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libuser has information disclosure when moving user's home directory

Action-Not Available
Vendor-libuser_projectlibuserDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-debian_linuxenterprise_linuxfedoralibuserlibuser
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-32553
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.3||HIGH
EPSS-0.04% / 9.56%
||
7 Day CHG~0.00%
Published-12 Jun, 2021 | 03:40
Updated-16 Sep, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
apport read_file() function could follow maliciously constructed symbolic links

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

Action-Not Available
Vendor-Oracle CorporationCanonical Ltd.
Product-ubuntu_linuxopenjdkapport
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2020-13397
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.03%
||
7 Day CHG~0.00%
Published-22 May, 2020 | 00:00
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-26313
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.82%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 11:23
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AMD Speculative Code Store Bypass

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.

Action-Not Available
Vendor-Xen ProjectAdvanced Micro Devices, Inc.Intel CorporationDebian GNU/LinuxBroadcom Inc.Arm Limited
Product-debian_linuxcore_i7-7700kryzen_5_5600xxeon_silver_4214core_i7-10700kryzen_threadripper_2990wxcortex-a72xenryzen_7_2700xcore_i9-9900kbcm2711All supported processors
CWE ID-CWE-208
Observable Timing Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-11740
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.73%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 12:18
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxopenSUSEXen Project
Product-xendebian_linuxfedoraleapn/a
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2016-5505
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.81%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2006-4031
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.26% / 49.45%
||
7 Day CHG~0.00%
Published-09 Aug, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.

Action-Not Available
Vendor-mysqln/aOracle Corporation
Product-mysqln/a
CVE-2021-2353
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.4||MEDIUM
EPSS-0.19% / 40.73%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Loging). Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework executes to compromise Siebel Core - Server Framework. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel Core - Server Framework accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-siebel_core_-_server_frameworkSiebel Core - Server Framework
CVE-2014-6551
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.16% / 37.92%
||
7 Day CHG~0.00%
Published-15 Oct, 2014 | 22:03
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.

Action-Not Available
Vendor-n/aSUSEOracle CorporationMariaDB Foundation
Product-solarismariadbmysqllinux_enterprise_desktoplinux_enterprise_workstation_extensionlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2021-2321
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.73%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 21:00
Updated-26 Sep, 2024 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-2306
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.08% / 23.89%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:54
Updated-26 Sep, 2024 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-2285
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.1||HIGH
EPSS-0.13% / 32.58%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2006-1844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-19 Apr, 2006 | 16:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-base-configshadown/a
CVE-2014-5270
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 22.52%
||
7 Day CHG~0.00%
Published-10 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.

Action-Not Available
Vendor-gnupgn/aDebian GNU/Linux
Product-libgcryptdebian_linuxn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-2266
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 23.01%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-21781
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-4||MEDIUM
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:37
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncOracle Corporation
Product-communications_cloud_native_core_binding_support_functioncommunications_cloud_native_core_policylinux_kernelcommunications_cloud_native_core_network_exposure_functionLinux Kernel
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2021-2282
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.1||HIGH
EPSS-0.11% / 29.35%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2006-0369
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.12% / 32.37%
||
7 Day CHG~0.00%
Published-22 Jan, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access

Action-Not Available
Vendor-n/aOracle Corporation
Product-mysqln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-11884
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.10% / 27.56%
||
7 Day CHG~0.00%
Published-10 May, 2019 | 21:53
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_for_real_time_tusenterprise_linux_server_tusenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_for_real_timeleapn/a
CVE-2014-3615
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.09% / 26.75%
||
7 Day CHG~0.00%
Published-01 Nov, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

Action-Not Available
Vendor-n/aopenSUSEQEMURed Hat, Inc.Debian GNU/LinuxCanonical Ltd.
Product-enterprise_linuxenterprise_linux_serverenterprise_linux_server_ausqemuvirtualizationenterprise_linux_eusopensuseenterprise_linux_desktopubuntu_linuxenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxopenstackn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-11833
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.62%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 12:19
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_server_ausenterprise_linux_workstationfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_for_real_timen/a
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2016-2178
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 58.77%
||
7 Day CHG~0.00%
Published-20 Jun, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

Action-Not Available
Vendor-n/aNode.js (OpenJS Foundation)SUSEOpenSSLDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-solarisubuntu_linuxopenssldebian_linuxlinuxlinux_enterprisenode.jsn/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2022-26966
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.03%
||
7 Day CHG-0.01%
Published-12 Mar, 2022 | 21:30
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500sactive_iq_unified_managerh300s_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh700e_firmwareh700sn/a
CVE-2023-4569
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.39%
||
7 Day CHG~0.00%
Published-28 Aug, 2023 | 21:46
Updated-27 Feb, 2025 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.Fedora Project
Product-debian_linuxlinux_kernelenterprise_linuxRed Hat Enterprise Linux 9FedoraRed Hat Enterprise Linux 7KernelRed Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-402
Transmission of Private Resources into a New Sphere ('Resource Leak')
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2004-1349
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 29.77%
||
7 Day CHG~0.00%
Published-19 Jan, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.

Action-Not Available
Vendor-n/aOracle CorporationGNU
Product-solarisgzipn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-2123
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-3.2||LOW
EPSS-0.04% / 12.38%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-2128
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.31%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2001-0170
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.26% / 49.25%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

Action-Not Available
Vendor-conectivaimmunixn/aDebian GNU/LinuxRed Hat, Inc.
Product-immunixdebian_linuxlinuxn/a
CVE-2020-10685
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.13% / 32.95%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.
Product-ceph_storagedebian_linuxopenstackstorageansible_engineansible_towerAnsible
CWE ID-CWE-459
Incomplete Cleanup
CVE-2020-10756
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 8.70%
||
7 Day CHG~0.00%
Published-09 Jul, 2020 | 15:34
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.

Action-Not Available
Vendor-libslirp_projectn/aCanonical Ltd.Red Hat, Inc.openSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxopenstackenterprise_linuxlibslirpleapSlirp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26373
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 50.63%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-core_i3-10100xeon_gold_6300_firmwarecore_i9-7900xxeon_d-1548xeon_d-2733nt_firmwarecore_i7-10510yceleron_g5900t_firmwarecore_i7-7820x_firmwarexeon_platinum_8260yxeon_d-1633ncore_i9-9800x_firmwarexeon_d-1653nxeon_d-2173it_firmwarexeon_d-2145nt_firmwarexeon_w-1270p_firmwarecore_i7-10710u_firmwarecore_i9-11900_firmwarecore_i9-10900_firmwarexeon_gold_5300core_i9-9960xcore_i5-1155g7_firmwarexeon_gold_5218txeon_e-2374gxeon_platinum_8353hxeon_d-1749nt_firmwarecore_i5-1235ucore_i7-9700k_firmwarecore_i5-11260hxeon_d-1557_firmwarexeon_platinum_8280_firmwarexeon_e-2374g_firmwarexeon_gold_5218nxeon_d-2163it_firmwarexeon_silver_4209t_firmwarepentium_gold_g6405u_firmwarexeon_w-2295_firmwarexeon_d-1531core_i7-10875h_firmwarepentium_gold_g6605xeon_silver_4214cxeon_d-1533n_firmwarecore_i9-9900kf_firmwarexeon_silver_4214yxeon_e-2278gexeon_w-10855mxeon_d-2177ntpentium_gold_g6505celeron_g5925xeon_w-3275_firmwarecore_i9-11900kfxeon_d-2786nte_firmwarexeon_platinum_8270_firmwarexeon_gold_6230tcore_i5-10600t_firmwarexeon_silver_4210rxeon_w-1270core_i3-l13g4pentium_gold_g6400core_i5-10300h_firmwarexeon_d-2775te_firmwarexeon_w-3235xeon_d-1573n_firmwarexeon_d-1571_firmwarecore_i9-10900tcore_i7-11700k_firmwarecore_i5-8200ycore_i5-10500t_firmwarecore_i9-10900kcore_i5-10600_firmwarexeon_gold_5220rcore_i7-10700tecore_i7-12700kfxeon_gold_6226r_firmwarexeon_w-11955mcore_i9-12900_firmwarecore_i5-12600h_firmwarecore_i5-10400txeon_w-1290ecore_i5-11400fdebian_linuxceleron_g5925_firmwarecore_i7-1185g7core_i7-9700kfxeon_d-2796texeon_d-1541_firmwareceleron_6600hecore_i9-10900xxeon_d-2798nxxeon_gold_6328hl_firmwarexeon_gold_6256_firmwarexeon_platinum_9221core_i5-12400fcore_i7-1260uxeon_w-1290te_firmwarexeon_d-2142itcore_i9-11980hk_firmwarexeon_platinum_9222_firmwarecore_i5-10110y_firmwarecore_i9-10900te_firmwareceleron_7305_firmwarecore_i9-11900kcore_i9-12900hkcore_i5-12450hcore_i5-10600kfxeon_d-1726xeon_w-10855_firmwareceleron_g6900pentium_gold_g6600_firmwarecore_i7-10700_firmwarexeon_d-1735tr_firmwarecore_i5-1035g1_firmwarecore_i3-1005g1xeon_d-2777nxpentium_gold_8500_firmwarexeon_d-2752nte_firmwarecore_i7-1185gre_firmwarexeon_d-2796nt_firmwarecore_i9-10850hxeon_d-1637core_i5-8210y_firmwarecore_i5-9400fcore_i5-11320h_firmwarecore_i7-10700kf_firmwarexeon_d-1539_firmwarecore_i9-12900core_i7-12650h_firmwarexeon_gold_6238core_i7-1270p_firmwarecore_i5-12500core_i5-11600kfxeon_d-1602core_i5-8365uceleron_g5900_firmwarexeon_platinum_8376hxeon_w-2245xeon_d-2799core_i7-12700xeon_d-1563n_firmwarexeon_d-2145ntxeon_platinum_8256xeon_w-2275_firmwarecore_i5-9600kfcore_i7-12700t_firmwarexeon_e-2288g_firmwarexeon_d-2163itcore_i3-11100he_firmwarepentium_gold_g7400xeon_gold_6254_firmwarecore_i3-1120g4xeon_gold_5220_firmwarecore_i5-12500h_firmwarecore_i5-11400hcore_i9-11900hxeon_w-2235_firmwarexeon_gold_6328hlxeon_d-1623ncore_i7-1185g7exeon_gold_6230n_firmwarecore_i3-12100tcore_i7-10810ucore_i3-10300txeon_silver_4208_firmwarexeon_d-1521core_i5-1130g7xeon_d-1713nt_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-9600kcore_i5-8265ucore_i9-9900kfxeon_gold_5218r_firmwarecore_i7-12700kf_firmwarecore_i7-10700txeon_silver_4300core_i3-12100f_firmwarecore_i5-1240p_firmwarecore_i7-9700kf_firmwarecore_i5-1145g7core_i5-9300hxeon_silver_4214y_firmwarecore_i7-10750hcore_i9-10850kpentium_gold_g6405xeon_d-2143itxeon_silver_4209tcore_i7-7640xxeon_d-2753ntpentium_gold_8505_firmwarecore_i7-1160g7_firmwarexeon_w-1390_firmwarexeon_gold_6212uxeon_d-1632_firmwarepentium_gold_g6400tcore_i7-11850h_firmwarexeon_gold_5300_firmwarecore_i9-11900fxeon_d-1612_firmwarexeon_gold_6238m_firmwarexeon_silver_4215xeon_d-2177nt_firmwarexeon_gold_6230ncore_i5-8365u_firmwarecore_i9-10920xcore_i9-11950hxeon_d-1563nxeon_platinum_8280l_firmwarexeon_d-1712tr_firmwarecore_i7-1195g7core_i9-10885hxeon_d-1739_firmwarexeon_e-2386gcore_i7-1165g7core_i5-11400_firmwarexeon_gold_6242_firmwareceleron_6305core_i7-11850hecore_i7-1260p_firmwarecore_i3-1215u_firmwarepentium_gold_g6605_firmwarexeon_d-1733nt_firmwarecore_i7-10750h_firmwarecore_i5-11400xeon_w-1290tecore_i9-9820x_firmwarecore_i5-1145g7ecore_i3-1115gre_firmwarexeon_w-3265_firmwarexeon_d-2142it_firmwarexeon_d-2779_firmwarecore_i5-1030g7xeon_d-1602_firmwarecore_i5-1230u_firmwarexeon_platinum_8376hl_firmwarexeon_platinum_8360hxeon_d-2733ntcore_i9-10980hkxeon_gold_6230t_firmwarecore_i3-1000g1_firmwarexeon_gold_5218_firmwarexeon_d-1559_firmwarecore_i9-10900t_firmwarecore_i7-10700k_firmwarexeon_silver_4210txeon_w-3275m_firmwarepentium_gold_g6505_firmwarecore_i5-11400f_firmwarecore_i3-10305_firmwarexeon_d-2777nx_firmwarecore_i3-10325_firmwarecore_i7-10510y_firmwareceleron_g5905t_firmwarecore_i9-11900k_firmwarecore_i7-1185g7_firmwarecore_i7-11800h_firmwarexeon_d-2795ntcore_i7-1180g7_firmwareceleron_6600he_firmwarecore_i7-1060g7_firmwarecore_i7-1280pcore_i7-8500yxeon_d-2779xeon_w-3245m_firmwarexeon_platinum_8276_firmwarexeon_gold_6330h_firmwarecore_i9-11900t_firmwarecore_i9-7960xxeon_silver_4214c_firmwarecore_i3-1110g4_firmwarexeon_w-1370xeon_d-1715terxeon_d-1559xeon_platinum_9242_firmwarecore_i5-12600txeon_gold_6258r_firmwarepentium_gold_g6405t_firmwarexeon_platinum_8280m_firmwarexeon_d-1537core_i3-10320_firmwarecore_i7-1260u_firmwarexeon_gold_6230_firmwarexeon_gold_5218bxeon_platinum_8360hl_firmwarexeon_gold_6328hxeon_d-1734nt_firmwarecore_i7-1180g7core_i5-12400xeon_e-2288gxeon_w-1370pxeon_gold_6254xeon_gold_5218rcore_i3-10320xeon_d-2752ntecore_i3-12300t_firmwarecore_i7-1255u_firmwarecore_i3-10105fxeon_w-1390t_firmwarexeon_gold_5215m_firmwarexeon_w-2235xeon_platinum_8260mxeon_gold_5320h_firmwarexeon_d-1649ncore_i7-10875hxeon_w-3225core_i7-1195g7_firmwarexeon_d-1540xeon_d-1736nt_firmwarecore_i3-11100hecore_i5-10400hpentium_gold_7505xeon_d-2712t_firmwarecore_i7-12700kcore_i5-9600kf_firmwarexeon_d-1513nxeon_w-10885mcore_i5-10505_firmwarexeon_gold_6234_firmwarexeon_d-1527core_i5-12600_firmwarecore_i9-9940xpentium_gold_g6500_firmwarecore_i9-9900xxeon_d-2745nxcore_i9-7940xxeon_gold_5220r_firmwarecore_i5-10110ycore_i7-1255uxeon_platinum_8380hlxeon_platinum_9220_firmwarecore_i5-12600hxeon_platinum_8260l_firmwarecore_i7-8500y_firmwarecore_i9-11900kf_firmwarexeon_d-1748te_firmwarexeon_silver_4214core_i7-12700hxeon_w-3235_firmwarexeon_platinum_9222core_i3-10105tcore_i9-9900k_firmwarecore_i5-11300hcore_i7-10510u_firmwareceleron_g5905_firmwarexeon_gold_5220sxeon_platinum_8260core_i7-7800x_firmwarecore_i3-1000g4core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i9-12900kf_firmwarecore_i9-10900kfcore_i7-11390h_firmwarexeon_d-2146ntxeon_d-1713ntcore_i9-9980hk_firmwarecore_i3-10100tpentium_gold_g6600xeon_d-2752tercore_i9-9980hkcore_i5-12500hxeon_w-1390txeon_silver_4216core_i5-1035g4_firmwarecore_i5-1140g7xeon_d-2757nx_firmwarecore_i7-10610ucore_i7-12700k_firmwarecore_i3-1220p_firmwarecore_i7-9850h_firmwarexeon_platinum_8276lcore_i7-11700kfcore_i7-11700_firmwarecore_i7-7740xxeon_d-2795nt_firmwarexeon_d-1713nte_firmwarecore_i7-11375hcore_i9-10850h_firmwarepentium_gold_g7400_firmwarecore_i5-11500txeon_platinum_9221_firmwarecore_i9-9920x_firmwarecore_i9-12900h_firmwarecore_i5-11400h_firmwarecore_i5-9400xeon_d-1521_firmwarecore_i7-1185grexeon_w-1290t_firmwareceleron_g6900_firmwarexeon_gold_6209u_firmwarecore_i9-7920x_firmwarexeon_platinum_8356h_firmwarecore_i3-10325xeon_e-2356gxeon_d-1557xeon_platinum_8276l_firmwarecore_i5-1145gre_firmwarexeon_platinum_8380hcore_i3-10105f_firmwarexeon_gold_6262v_firmwarecore_i3-1210uxeon_w-3245mcore_i5-12600xeon_d-2752ter_firmwarexeon_d-1637_firmwarexeon_e-2334core_i7-9850hcore_i5-12600k_firmwarexeon_w-1350core_i3-10110u_firmwarecore_i5-1035g1xeon_platinum_8276m_firmwarecore_i7-11850hxeon_w-1290core_i9-11900f_firmwarexeon_gold_6226_firmwarexeon_silver_4210core_i3-10110ucore_i7-8665u_firmwarecore_i5-8310y_firmwarecore_i7-1250ucore_i9-10885h_firmwarexeon_e-2314_firmwarexeon_gold_6250l_firmwarexeon_w-2223_firmwarexeon_gold_6234xeon_d-1718t_firmwarecore_i5-11500_firmwarexeon_gold_6252n_firmwarexeon_gold_6240y_firmwarexeon_w-1350pxeon_d-2143it_firmwarexeon_w-1250core_i9-10900core_i7-1065g7_firmwarecore_i9-12900hcore_i5-1145g7_firmwarexeon_w-3245_firmwarecore_i7-11800hcore_i7-11370h_firmwarecore_i7-11375h_firmwarecore_i3-10300xeon_w-1290p_firmwarexeon_w-1250p_firmwarexeon_bronze_3204_firmwarecore_i9-9960x_firmwarexeon_d-1736ntceleron_g5920core_i7-8565ucore_i9-10940x_firmwarexeon_d-1747ntexeon_bronze_3206r_firmwarecore_i5-11500h_firmwarecore_i5-1240pxeon_silver_4215r_firmwarecore_i7-10870hcore_i7-10510ucore_i3-10100fxeon_w-1290pceleron_5305u_firmwareceleron_6305_firmwarecore_i5-8310ycore_i9-12900txeon_d-1523n_firmwarecore_i5-12500txeon_gold_5217xeon_d-2183it_firmwarecore_i3-10300_firmwarecore_i7-9750hf_firmwarexeon_w-3245core_i5-12600t_firmwarexeon_e-2324gcore_i5-12400_firmwarexeon_gold_6210upentium_gold_8500core_i5-1250pxeon_d-1548_firmwarecore_i5-8265u_firmwarexeon_platinum_8380h_firmwarecore_i5-10210uxeon_d-1528xeon_w-2295core_i5-11300h_firmwarecore_i5-10500core_i7-7740x_firmwarecore_i9-9800xpentium_gold_g6405tceleron_g5900tcore_i7-12800h_firmwarexeon_gold_5215core_i5-11600_firmwarecore_i5-10400t_firmwarecore_i7-12650hxeon_d-1622_firmwarexeon_d-1527_firmwarexeon_d-1531_firmwarecore_i9-7920xxeon_d-1633n_firmwarecore_i3-10100_firmwarecore_i9-7960x_firmwarexeon_d-1513n_firmwarexeon_platinum_8260y_firmwarexeon_d-2798nx_firmwarecore_i5-1030g4_firmwarecore_i9-10900tecore_i5-11600kxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-10600kf_firmwarexeon_d-1747nte_firmwarexeon_platinum_8260m_firmwarexeon_w-3275mcore_i7-7800xxeon_d-1726_firmwarexeon_w-1290_firmwarexeon_e-2386g_firmwarexeon_gold_6250lxeon_gold_6209ucore_i5-9400hcore_i9-10900e_firmwarexeon_d-2191_firmwarexeon_e-2278g_firmwarecore_i9-9920xceleron_g5205u_firmwarexeon_platinum_8253xeon_d-2146nt_firmwarexeon_gold_6252npentium_gold_g6505txeon_e-2278gel_firmwarexeon_d-1518_firmwarexeon_platinum_8376h_firmwarecore_i9-12900k_firmwarexeon_gold_6240mcore_i3-1120g4_firmwarexeon_d-1715ter_firmwarexeon_platinum_8280pentium_gold_g6500txeon_gold_6238l_firmwarexeon_d-2745nx_firmwarecore_i5-1230ucore_i3-10100t_firmwarecore_i7-10700f_firmwarexeon_w-2255_firmwarexeon_gold_5220t_firmwarexeon_gold_6252core_i3-10105core_i5-1140g7_firmwarecore_i3-12300_firmwarecore_i3-1215ucore_i5-11400tcore_i7-11700kxeon_gold_6246core_i9-10900kf_firmwarecore_i7-10810u_firmwarexeon_silver_4214rxeon_w-1350_firmwarecore_i9-10920x_firmwarecore_i9-10940xxeon_platinum_8300_firmwarecore_i9-9880h_firmwarexeon_silver_4210r_firmwarexeon_w-3265m_firmwarexeon_d-1577_firmwarepentium_gold_g6400t_firmwarexeon_e-2334_firmwarexeon_gold_6230rxeon_platinum_8360hlcore_i7-10700kfxeon_d-1748tecore_i9-12900t_firmwarexeon_platinum_8280mcore_i3-l13g4_firmwarecore_i5-12400t_firmwarexeon_d-2187ntxeon_d-2775teceleron_g5905xeon_d-1518core_i7-1065g7core_i5-11600kf_firmwarexeon_w-1370p_firmwarexeon_silver_4208xeon_gold_5318hxeon_gold_6210u_firmwarexeon_w-1270_firmwarepentium_gold_g7400tcore_i3-1000g1core_i5-1130g7_firmwarexeon_w-2225xeon_silver_4210t_firmwarepentium_gold_7505_firmwarexeon_gold_5218t_firmwarecore_i9-11900h_firmwarecore_i5-9400f_firmwarexeon_e-2356g_firmwarecore_i3-10305t_firmwarexeon_gold_5215lcore_i3-1220pcore_i5-12400txeon_w-10855m_firmwarecore_i7-12700tcore_i9-10850k_firmwarexeon_gold_5217_firmwarexeon_platinum_8253_firmwarexeon_d-1718tcore_i7-10700core_i5-1135g7_firmwarecore_i9-11950h_firmwarexeon_d-2753nt_firmwarecore_i7-1265u_firmwareceleron_7300xeon_w-1350p_firmwarecore_i7-10610u_firmwarecore_i3-1115g4_firmwarexeon_d-1533ncore_i5-1145grexeon_w-3265mxeon_gold_6240lxeon_d-1529_firmwarexeon_gold_6248core_i5-1135g7core_i5-11600k_firmwarecore_i9-9940x_firmwarexeon_gold_6258rxeon_d-1712trcore_i3-1115g4xeon_w-1270pxeon_e-2378_firmwarexeon_gold_6240l_firmwarexeon_d-1736_firmwarexeon_platinum_9282core_i5-10400xeon_d-2173itxeon_d-2161ixeon_d-2766ntxeon_w-1250pxeon_silver_4215_firmwarecore_i7-10870h_firmwarecore_i5-1155g7pentium_gold_8505xeon_d-2123itcore_i7-9700kcore_i5-1245u_firmwarecore_i7-11700kf_firmwarepentium_gold_g6405_firmwarecore_i9-12900hk_firmwarexeon_gold_6252_firmwarecore_i7-7640x_firmwarecore_i7-12700fcore_i3-1110g4core_i3-12100fcore_i7-1250u_firmwarexeon_bronze_3206rxeon_d-1722necore_i5-1235u_firmwarexeon_d-2776ntxeon_w-3275xeon_gold_6240xeon_d-2161i_firmwarecore_i5-8200y_firmwarecore_i7-10700te_firmwarecore_i7-10700exeon_gold_5220xeon_platinum_8256_firmwarecore_i7-1260pceleron_g5305uxeon_platinum_9220core_i3-10100texeon_gold_6348h_firmwareceleron_g5205uxeon_e-2388gcore_i5-10210u_firmwarecore_i7-11390hxeon_platinum_8268xeon_d-2786ntexeon_d-1537_firmwarexeon_d-2796te_firmwareceleron_g5905txeon_d-2191xeon_gold_6240rcore_i3-10100te_firmwarexeon_gold_6238_firmwarexeon_gold_6240m_firmwarexeon_gold_6330hxeon_d-1612xeon_silver_4215rcore_i9-12900fxeon_d-1540_firmwarexeon_e-2278gcore_i5-10600k_firmwarecore_i9-10900eceleron_g6900tcore_i9-11980hkxeon_d-1553n_firmwarecore_i5-l16g7_firmwarexeon_w-3265core_m3-8100y_firmwarecore_i5-10500tecore_i7-12700f_firmwarecore_i7-12700_firmwarecore_i5-10210y_firmwarecore_i5-11500core_i7-11700xeon_d-2798ntcore_i5-10500tcore_i5-10600xeon_w-2245_firmwarecore_i5-10500_firmwarecore_i7-1265ucore_i5-10310yxeon_gold_6208uxeon_d-1736xeon_d-2738core_i5-10310y_firmwarexeon_d-1567_firmwarecore_i3-12300pentium_gold_g6500t_firmwarecore_i5-11500t_firmwarexeon_e-2388g_firmwarexeon_gold_6230r_firmwarexeon_d-1749ntxeon_gold_6242pentium_gold_g6405ucore_i7-10700kcore_i3-12300txeon_e-2336xeon_d-1627xeon_gold_6246_firmwarexeon_platinum_8260_firmwarecore_i5-12450h_firmwarexeon_e-2286mcore_i9-9880hcore_i5-1240uxeon_gold_6250_firmwareceleron_7305core_i5-11600t_firmwarexeon_d-1623n_firmwarecore_i7-11370hxeon_gold_6244_firmwarexeon_d-1702xeon_d-1722ne_firmwarecore_i5-12500_firmwarexeon_d-1528_firmwarecore_i5-1035g4core_i5-l16g7core_i5-11500hcore_i9-12900kcore_i5-11600txeon_platinum_8276mxeon_d-1732te_firmwarecore_i5-10200hcore_i9-9900kxeon_platinum_8276xeon_d-1529xeon_gold_6240_firmwarexeon_gold_5220tcore_i3-1210u_firmwarecore_i7-1160g7core_i5-12600kfcore_i5-10400fxeon_gold_6244xeon_w-2265_firmwarexeon_w-3223_firmwarexeon_gold_6242rxeon_e-2324g_firmwarexeon_e-2278ge_firmwarecore_i5-1035g7_firmwarexeon_w-2275pentium_gold_g6400_firmwarexeon_w-10855xeon_w-2265xeon_gold_6226rcore_i5-9400_firmwarexeon_d-1564n_firmwarecore_i3-12100t_firmwarexeon_w-10885m_firmwarexeon_bronze_3204core_i9-12900kfcore_i9-9820xxeon_d-1714xeon_d-1567xeon_e-2286m_firmwarexeon_gold_5218b_firmwarexeon_platinum_8354hxeon_gold_6348hxeon_gold_6248_firmwarecore_i7-11850he_firmwarecore_i7-9750hfxeon_d-2141ixeon_d-1581_firmwarexeon_d-2141i_firmwarexeon_silver_4214r_firmwareceleron_6305e_firmwarecore_i5-1245uxeon_d-2776nt_firmwarecore_i5-1035g7core_i5-9300h_firmwarexeon_d-1734ntxeon_w-11855mxeon_gold_6240yceleron_g5900xeon_gold_6238lxeon_gold_5218n_firmwarexeon_w-1390xeon_gold_6328h_firmwarecore_i7-11700t_firmwarexeon_gold_5318h_firmwarecore_i3-1115grecore_i5-11600core_i7-11700fxeon_d-1587core_i7-8665ucore_i7-1270pcore_i3-10305txeon_d-2183itxeon_d-2123it_firmwarecore_i9-7940x_firmwarecore_i5-12500t_firmwarexeon_w-1370_firmwarexeon_d-1649n_firmwarexeon_d-1524nxeon_d-2712txeon_gold_5320hcore_i5-1240u_firmwarecore_i5-10600kcore_i9-12900f_firmwarecore_i9-7900x_firmwarexeon_gold_5222core_i7-10850hxeon_gold_6256xeon_d-1523ncore_i3-1005g1_firmwarecore_i3-12100_firmwarecore_i9-9900x_firmwarecore_i5-12600kf_firmwarecore_i5-10500te_firmwarexeon_w-1290e_firmwarexeon_d-1520core_i5-1145g7e_firmwarecore_i3-10300t_firmwarexeon_d-2187nt_firmwarexeon_d-1524n_firmwarexeon_w-1390p_firmwarexeon_platinum_8280lxeon_w-11955m_firmwarecore_i3-10100f_firmwarecore_i9-10900f_firmwarecore_m3-8100yxeon_platinum_8356hcore_i7-12700h_firmwarecore_i7-1280p_firmwarexeon_d-1543nxeon_d-1541xeon_d-1543n_firmwarexeon_d-2799_firmwarecore_i7-11700txeon_d-1564nxeon_gold_5222_firmwarexeon_d-1622xeon_d-1520_firmwarexeon_d-1732texeon_platinum_9242celeron_7300_firmwarecore_i7-10700e_firmwarecore_i5-1030g7_firmwarexeon_w-2223pentium_gold_g7400t_firmwarecore_i7-1185g7e_firmwarexeon_gold_6238tcore_i9-11900tcore_i5-11260h_firmwarecore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwarecore_i7-1060g7xeon_gold_6240r_firmwarecore_i7-8565u_firmwarexeon_w-11855m_firmwarexeon_gold_6212u_firmwarexeon_gold_6208u_firmwarexeon_gold_6300core_i5-11400t_firmwarexeon_d-1587_firmwarecore_i7-10700t_firmwarexeon_platinum_9282_firmwarexeon_d-2796ntxeon_platinum_8260lxeon_platinum_8270xeon_gold_6250xeon_d-1713ntexeon_d-1739celeron_6305exeon_w-1290txeon_e-2336_firmwarexeon_gold_6226core_i3-10105_firmwarecore_i5-11320hxeon_d-1577xeon_d-1735trxeon_silver_4214_firmwarexeon_platinum_8268_firmwarecore_i7-10850h_firmwarexeon_d-2766nt_firmwarexeon_d-2757nxxeon_e-2314xeon_d-2166ntcore_i3-10305xeon_w-1390pxeon_d-1539xeon_gold_5215mcore_i5-10505core_i5-1250p_firmwarexeon_silver_4300_firmwarecore_i3-12100xeon_platinum_8360h_firmwarexeon_w-2255core_i9-10900x_firmwarexeon_gold_6262vxeon_platinum_8354h_firmwarexeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_d-1746ter_firmwarexeon_d-1581xeon_platinum_8300core_i5-10210ycore_i3-1000g4_firmwarecore_i5-10300hcore_i7-10710ucore_i7-1165g7_firmwarexeon_silver_4210_firmwarexeon_d-1627_firmwarexeon_d-1702_firmwarexeon_platinum_8380hl_firmwarexeon_d-1733ntxeon_gold_5218pentium_gold_g6500xeon_gold_6238mcore_i5-12400f_firmwareceleron_g5920_firmwareceleron_5305uxeon_gold_6238rxeon_w-1250_firmwarecore_i7-11700f_firmwarexeon_d-1653n_firmwarecore_i3-1125g4_firmwarecore_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_w-3225_firmwarexeon_d-1553ncore_i5-1030g4xeon_gold_6222v_firmwarexeon_e-2378gcore_i5-10200h_firmwarexeon_d-2798nt_firmwarexeon_gold_6238r_firmwarexeon_d-1573ncore_i5-12600kcore_i9-10980hk_firmwarexeon_d-1632xeon_d-2166nt_firmwarecore_i5-10400_firmwarexeon_w-3223xeon_gold_6242r_firmwarecore_i7-12800hceleron_g6900t_firmwarepentium_gold_g6505t_firmwarexeon_platinum_8376hlceleron_g5305u_firmwarexeon_gold_6222vxeon_silver_4216_firmwarexeon_d-1746tercore_i7-10700fxeon_d-1571core_i3-1115g4e_firmwarecore_i5-9600k_firmwarecore_i9-10900k_firmwarexeon_gold_5215l_firmwarexeon_gold_6238t_firmwarexeon_d-2738_firmwarexeon_platinum_8353h_firmwarexeon_w-2225_firmwarexeon_gold_6230xeon_d-1714_firmwareIntel(R) Processors
CVE-2014-0083
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.59%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 13:57
Updated-06 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

Action-Not Available
Vendor-net-ldap_projectruby-net-ldapDebian GNU/Linux
Product-net-ldapdebian_linuxruby-net-ldap
CWE ID-CWE-916
Use of Password Hash With Insufficient Computational Effort
CVE-2021-2120
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.72%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-2119
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6||MEDIUM
EPSS-3.17% / 86.43%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-1999-1572
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 30.36%
||
7 Day CHG~0.00%
Published-29 Jan, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

Action-Not Available
Vendor-n/aUbuntuDebian GNU/LinuxRed Hat, Inc.FreeBSD FoundationMandriva (Mandrakesoft)
Product-ubuntu_linuxenterprise_linux_desktopdebian_linuxfreebsdenterprise_linuxmandrake_linuxn/a
CVE-2011-3570
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.1||LOW
EPSS-0.07% / 21.04%
||
7 Day CHG~0.00%
Published-18 Jan, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality via unknown vectors related to Calendar Server.

Action-Not Available
Vendor-n/aOracle Corporation
Product-communications_unifiedn/a
CVE-2021-21290
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 20:10
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method "File.createTempFile" on unix-like systems creates a random file, but, by default will create this file with the permissions "-rw-r--r--". Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's "AbstractDiskHttpData" is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own "java.io.tmpdir" when you start the JVM or use "DefaultHttpDataFactory.setBaseDir(...)" to set the directory to something that is only readable by the current user.

Action-Not Available
Vendor-quarkusThe Netty ProjectNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-banking_trade_finance_process_managementdebian_linuxquarkuscommunications_messaging_servernettynosql_databasecommunications_design_studioactive_iq_unified_managerbanking_corporate_lending_process_managementcloud_secure_agentbanking_credit_facilities_process_managementcommunications_brm_-_elastic_charging_enginesnapcenternetty
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-379
Creation of Temporary File in Directory with Insecure Permissions
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2020-10729
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.61%
||
7 Day CHG-0.01%
Published-27 May, 2021 | 18:46
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxansible_engineenterprise_linuxAnsible
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2014-9584
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.15% / 36.77%
||
7 Day CHG~0.00%
Published-09 Jan, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSESUSERed Hat, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serverlinux_kernelenterprise_linux_ausenterprise_linux_eusevergreenenterprise_linux_server_euslinux_enterprise_real_time_extensionlinux_enterprise_desktopdebian_linuxlinuxlinux_enterprise_software_development_kitenterprise_linux_server_ausopensuseenterprise_linux_desktopubuntu_linuxenterprise_linux_server_tusenterprise_linux_workstationlinux_enterprise_workstation_extensionlinux_enterprise_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-2042
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.3||LOW
EPSS-0.17% / 38.29%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 14:50
Updated-26 Sep, 2024 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightmysqloncommand_workflow_automationsnapcenterMySQL Server
CVE-2005-2292
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.33% / 55.38%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdevelopern/a
CVE-2005-2294
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.28% / 50.68%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers.

Action-Not Available
Vendor-n/aOracle Corporation
Product-formsn/a
CVE-2018-2793
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.2||MEDIUM
EPSS-0.26% / 48.69%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 02:00
Updated-03 Oct, 2024 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PsAdmin). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_pt_peopletoolsPeopleSoft Enterprise PT PeopleTools
CVE-2018-2951
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.2||MEDIUM
EPSS-0.26% / 48.69%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Configuration Manager). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_peopletoolsPeopleSoft Enterprise PT PeopleTools
CVE-2018-3639
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-46.74% / 97.59%
||
7 Day CHG~0.00%
Published-22 May, 2018 | 12:00
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Action-Not Available
Vendor-Debian GNU/LinuxMitel Networks Corp.Siemens AGIntel CorporationSonicWall Inc.Microsoft CorporationRed Hat, Inc.NVIDIA CorporationOracle CorporationCanonical Ltd.Arm Limited
Product-surface_proenterprise_linux_server_ausopenstackxeon_e3_1225_v3xeon_e5_2450lxeon_e5_1620_v3xeon_e5_1428lxeon_e5_1620_v4xeon_e3_1240l_v5windows_10xeon_e3_1270xeon_e3_1230l_v3xeon_e3_1225_v5xeon_e5_2643_v2simatic_ipc677c_firmwaresinumerik_tcu_30.3xeon_e3_1220l_v3itc1900_pro_firmwarexeon_e5_2450_v2simatic_ipc647cweb_application_firewallxeon_e5_2408l_v3xeon_e3_1240_v2xeon_e5_2609_v4simatic_ipc627catom_zxeon_e3_1265l_v2xeon_e3_1278l_v4xeon_e3_1240simatic_ipc547g_firmwarexeon_e3_1246_v3xeon_e5_2637itc1900_proxeon_e5_2448litc1500_pro_firmwaresimatic_ipc347esinema_remote_connect_firmwareitc1900jetson_tx1xeon_e3enterprise_linux_serverxeon_e5_2608l_v3xeon_e3_1501l_v6solarisxeon_e5_1650_v3xeon_e5_2430lsimatic_ipc677cxeon_e7xeon_e3_1240_v5xeon_e5_2428l_v3xeon_e5_2430l_v2xeon_e3_1280_v5simatic_ipc847dxeon_e5_2648l_v3simatic_ipc827cceleron_nxeon_e5_2428lxeon_e5_1660_v4itc1900_firmwarexeon_e5_2428l_v2simatic_ipc477exeon_e5_2407_v2simatic_field_pg_m4_firmwaresimatic_ipc427d_firmwarexeon_e5_2650_v2xeon_e3_1245_v3xeon_e3_1245xeon_e3_1225xeon_e5_2630l_v3xeon_e3_1275_v2xeon_e5_2620_v3cortex-axeon_e3_1241_v3simatic_ipc427e_firmwareitc2200_pro_firmwaresimatic_ipc647d_firmwarexeon_platinummivoice_connectxeon_e5_1680_v4xeon_e5_2628l_v3xeon_e5_2430xeon_e5_2643_v3xeon_e5_1428l_v2xeon_e3_1240l_v3sinumerik_tcu_30.3_firmwarexeon_e3_1285l_v4secure_mobile_accessitc2200xeon_e3_1230_v6local_service_management_systemxeon_e5_2643_v4xeon_e5_2620xeon_e3_1285_v6xeon_e5_2418lxeon_e3_1275_v5xeon_e3_1286_v3xeon_e3_1268l_v5xeon_e3_1290xeon_e5_2448l_v2xeon_e5_1650_v4xeon_e5_2630l_v4simatic_ipc677dsinumerik_840_d_sl_firmwarexeon_e5_2403_v2virtualization_managerxeon_e3_1268l_v3simatic_ipc477d_firmwarexeon_e3_1285_v3xeon_e5_2450xeon_e5_2623_v3xeon_e5_2650l_v3simatic_field_pg_m5xeon_e3_1501m_v6mivoice_businessxeon_e3_1265l_v4simatic_ipc477e_firmwaresimatic_ipc847c_firmwaresimatic_et_200_sp_firmwaresimatic_ipc477e_proatom_csimatic_ipc827datom_esimatic_et_200_spxeon_e5_1660xeon_e5_2618l_v3surface_pro_with_lte_advancedxeon_e5_2618l_v2xeon_e3_1280_v3simatic_ipc627dxeon_e3_12201_v2xeon_e3_1270_v2xeon_e5xeon_e3_1280simatic_s7-1500xeon_e5_2628l_v4xeon_e5_2640_v3xeon_e3_1270_v3simatic_ipc3000_smart_firmwarexeon_e5_2608l_v4xeon_e5_2650enterprise_linux_eusxeon_e3_1265l_v3xeon_e5_1650_v2cloud_global_management_systemxeon_e5_2609xeon_e3_1260l_v5xeon_e5_2650lvirtualizationxeon_e5_2418l_v2xeon_e3_1225_v6xeon_e5_2640sinumerik_840_d_slruggedcom_ape_firmwareatom_x5-e3930simatic_ipc547gsimatic_ipc847cxeon_e3_1285_v4atom_x7-e3950xeon_e5_2630l_v2simatic_ipc477e_pro_firmwaremicollabxeon_e5_2403xeon_e3_1260lxeon_e5_2438l_v3xeon_e3_12201pentiumsimatic_s7-1500_firmwarexeon_e3_1220_v6xeon_e3_1230_v2xeon_e5_1680_v3xeon_e5_1630_v3simatic_ipc647c_firmwareenterprise_linux_workstationxeon_e3_1235xeon_e3_1281_v3xeon_e5_1428l_v3simatic_ipc477c_firmwaresimotion_p320-4e_firmwarexeon_e5_2648lsimatic_ipc347e_firmwarexeon_e3_1276_v3xeon_silverxeon_e5_1620_v2xeon_e5_2630_v2itc2200_firmwaremivoic_mx-onecore_i7xeon_e-1105cxeon_e5_2630lxeon_e5_2643simatic_ipc827c_firmwaresimotion_p320-4exeon_e3_1275l_v3debian_linuxitc1500xeon_e3_1105c_v2xeon_e5_2637_v2itc1500_proxeon_e3_1245_v5xeon_e5_2430_v2xeon_e5_2640_v4xeon_e5_2648l_v2windows_server_2008itc2200_prosimatic_ipc677d_firmwarexeon_e3_1230_v3xeon_e3_1226_v3xeon_e5_2637_v3ruggedcom_apesimatic_ipc547e_firmwarexeon_e3_1245_v6xeon_e5_2420_v2core_i3xeon_e3_1505m_v5mivoice_border_gatewayxeon_e5_2620_v4simatic_ipc827d_firmwarecore_i5xeon_e3_1235l_v5surface_studioxeon_e5_1660_v3celeron_jxeon_e3_1505l_v5xeon_e3_1230simatic_ipc427c_firmwarexeon_e5_2630_v4pentium_jxeon_e3_1275_v6xeon_e3_1285l_v3xeon_e5_1620atom_x5-e3940simatic_ipc427exeon_e5_2640_v2simatic_ipc477dsimatic_ipc427dxeon_e5_2609_v2simatic_itp1000_firmwarexeon_e5_1630_v4xeon_e5_2407xeon_e3_1220_v3windows_7xeon_e3_1280_v6pentium_silversimatic_ipc3000_smartenterprise_linux_server_tussimatic_ipc547exeon_e5_2618l_v4xeon_e3_1275_v3xeon_e3_1505l_v6ubuntu_linuxwindows_8.1xeon_e3_1240_v6global_management_systemxeon_e5_2620_v2xeon_e3_1270_v5itc1500_firmwaresinema_remote_connectsurfacexeon_e5_2450l_v2simatic_ipc627c_firmwaremivoice_5000xeon_e5_2609_v3xeon_e3_1220_v5xeon_e5_2603xeon_e5_2630_v3simatic_itp1000core_mxeon_e5_2650l_v2enterprise_linux_desktopxeon_e3_1231_v3simatic_ipc427cxeon_e3_1280_v2xeon_e5_1650xeon_e5_2470enterprise_linuxxeon_goldsimatic_ipc647dxeon_e5_2603_v3xeon_e3_1286l_v3simatic_field_pg_m5_firmwaresimatic_ipc847d_firmwarexeon_e5_2603_v2open_integration_gatewayxeon_e3_1290_v2xeon_e5_2603_v4xeon_e3_1220_v2xeon_e3_1270_v6simatic_ipc477cwindows_server_2012sinumerik_pcu_50.5windows_server_2016xeon_e3_1225_v2jetson_tx2xeon_e3_1271_v3surface_bookxeon_e5_2623_v4xeon_e3_1230_v5xeon_e5_2440simatic_ipc627d_firmwarexeon_e5_2440_v2mrg_realtimexeon_e3_1258l_v4xeon_e5_2650_v4sonicosvxeon_e5_2418l_v3sinumerik_pcu_50.5_firmwarexeon_e5_2628l_v2micloud_management_portalxeon_e5_2470_v2simatic_field_pg_m4xeon_e3_1245_v2xeon_e5_2637_v4struxureware_data_center_expertxeon_e5_2650_v3xeon_e3_1240_v3xeon_e5_2648l_v4xeon_e5_1660_v2email_securityxeon_e5_2630xeon_e5_2420xeon_e3_1125c_v2Multiple
CWE ID-CWE-203
Observable Discrepancy
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found