Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-16721

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-23 Nov, 2020 | 20:33
Updated At-05 Aug, 2024 | 10:32
Rejected At-
Credits

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:23 Nov, 2020 | 20:33
Updated At:05 Aug, 2024 | 10:32
Rejected At:
▼CVE Numbering Authority (CNA)

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090
x_refsource_MISC
https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266
x_refsource_MISC
Hyperlink: https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090
Resource:
x_refsource_MISC
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090
x_refsource_MISC
x_transferred
https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:23 Nov, 2020 | 21:15
Updated At:25 Nov, 2020 | 14:54

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
v-secure
v-secure
>>jingyun_antivirus>>2.4.2.39
cpe:2.3:a:v-secure:jingyun_antivirus:2.4.2.39:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090cve@mitre.org
Third Party Advisory
https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266cve@mitre.org
Third Party Advisory
Hyperlink: https://github.com/bsauce/poc/tree/master/jingyun_antivirus_12360090
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2018-19266
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

514Records found
CVE-2022-38076
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-3.8||LOW
EPSS-0.09% / 26.02%
||
7 Day CHG+0.02%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-wireless-ac_9461wireless-ac_9560debian_linuxfedorakillerdual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wireless-ac_9462killer_wireless-ac_1550dual_band_wireless-ac_8265uefi_firmwareproset\/wireless_wifiIntel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5879
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.04% / 10.17%
||
7 Day CHG~0.00%
Published-02 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command.

Action-Not Available
Vendor-n/aIBM Corporation
Product-mq_appliance_firmwaremq_appliance_m2000mq_appliance_m2001n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5340
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.17%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

Action-Not Available
Vendor-n/aGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelandroidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21974
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.05%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:16
Updated-15 Nov, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_ai_softwareAMD Ryzen™ AI Softwareryzen_ai_software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36339
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-cm11ebi58w_firmwarecm8i3cb4ncm11ebc4wcm11ebi38w_firmwarecm8pcb4r_firmwareelm12hbccm8pcb4relm12hbc_firmwareelm12hbi5_firmwareelm12hbi3_firmwarecm11ebi716welm12hbi5elm12hbi3cm8i3cb4n_firmwarecm11ebi716w_firmwarecm8i7cb8n_firmwarecm8i5cb8n_firmwarecm11ebi38wcm8ccb4r_firmwarecm8ccb4rcm8i7cb8nelm12hbi7_firmwareelm12hbi7cm11ebi58wcm11ebc4w_firmwarecm8i5cb8nIntel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5828
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.69%
||
7 Day CHG+0.05%
Published-27 Jun, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxNovellCanonical Ltd.
Product-suse_linux_enterprise_real_time_extensionlinux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34866
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.54%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 06:15
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the product is running.

Action-Not Available
Vendor-yrlYokogawa Rental & Lease Corporation
Product-passage_drive_for_boxpassage_drivePassage Drive
CWE ID-CWE-20
Improper Input Validation
CVE-2022-35415
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.10%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 02:21
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-configuration_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21476
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.82%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Secure Processor

Memory corruption when the channel ID passed by user is not validated and further used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonaqt1000_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_8cx_compute_platform_firmwareqca1062_firmwarewsa8840_firmwareqca6431_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_870_5g_mobile_platform_firmwaresc8180x_firmwarewsa8810_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwaresxr2130_firmwareqca6430_firmwareqca1064_firmwareqca6391_firmwarewcd9385_firmwarewcd9340_firmwarewsa8830_firmwarewsa8845_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwarewsa8835_firmwarefastconnect_6200_firmwaresdx55_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8845h_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwarear8035_firmwareqsm8250_firmwareqca6421_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-6162
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.45%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33708
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-galaxy_storeGalaxy Store
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3388
Matching Score-4
Assigner-Hitachi Energy
ShareView Details
Matching Score-4
Assigner-Hitachi Energy
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.63%
||
7 Day CHG~0.00%
Published-21 Nov, 2022 | 00:00
Updated-23 Jul, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products

An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.

Action-Not Available
Vendor-Hitachi Energy Ltd.
Product-microscada_pro_sys600microscada_x_sys600MicroSCADA Pro SYS600MicroSCADA X SYS600
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33209
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.10%
||
7 Day CHG+0.04%
Published-18 Aug, 2022 | 20:03
Updated-18 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510lapbc710_firmwarelapbc510_firmwarelapbc710Intel(R) NUC Laptop Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33709
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-galaxy_storeGalaxy Store
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-33894
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.40%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i3-9100_firmwarexeon_e-2378gcore_i7-1068ng7core_i5-1035g7core_i3-10105f_firmwarecore_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e-2124g_firmwarecore_i7-9700kfcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_e-2314xeon_e-2254me_firmwarecore_i7-10870h_firmwarecore_i5-8400hxeon_e-2276me_firmwarecore_i5-7y54core_i7-1060g7_firmwarecore_i7-9700core_i5-10200hxeon_e-2226gcore_i9-9900kfcore_i3-10100f_firmwarecore_i5-1035g4core_i5-10400hcore_i3-8145ucore_i7-10700k_firmwarexeon_e-2276m_firmwarecore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i3-10100ycore_i3-7020ucore_i7-9700tecore_i5-10400tcore_i3-8109ucore_i5-10310ucore_i7-7600ucore_i5-9400f_firmwarexeon_e-2224xeon_e-2186m_firmwarecore_i5-7y57_firmwarecore_i7-10700t_firmwarecore_i7-9700f_firmwarecore_i5-9500e_firmwarecore_i3-7100e_firmwarecore_i3-7100ecore_i3-7300xeon_e-2378core_i5-8269u_firmwarexeon_e-2278gexeon_e-2134_firmwarecore_i5-10600_firmwarecore_i3-9100hlcore_i5-10400core_i7-7600u_firmwarecore_i5-8400bcore_i3-9300t_firmwarecore_i7-10610u_firmwarecore_i7-10710u_firmwarecore_i5-10500tecore_i7-7820hkcore_i5-9500_firmwarecore_i5-8400h_firmwarecore_i3-9100tecore_i7-9700fcore_i9-10980hkcore_i5-8600xeon_e-2136core_i7-10510ucore_i7-9700kcore_i5-10400t_firmwarecore_i5-9400_firmwarecore_i7-8500y_firmwarecore_i3-10100ecore_i3-8100core_i7-1060g7core_i9-10900xeon_e-2374g_firmwarecore_i3-7300_firmwarecore_i3-10100tcore_i5-7287u_firmwarecore_i7-7700xeon_e-2386gcore_i9-10900kcore_i3-10325_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kcore_i7-10700te_firmwarexeon_e-2124_firmwarecore_i9-10900fcore_i7-8700k_firmwarecore_i7-8700_firmwarecore_i7-8750hcore_i3-10105t_firmwarecore_i5-8365uxeon_e-2226ge_firmwarecore_i5-9600kfcore_i5-8500b_firmwarecore_i3-10100tecore_i3-7100u_firmwarecore_i5-10400_firmwarecore_i5-7600core_i7-10700fxeon_e-2286mcore_i5-1030g4_firmwarecore_i7-9850he_firmwarecore_i7-8557u_firmwarecore_i7-1068ng7_firmwarecore_i7-10750hcore_i7-7820eq_firmwarexeon_e-2276gcore_i3-8300core_i3-1000g4xeon_e-2186gcore_i5-7267u_firmwarecore_i5-7400txeon_e-2174gcore_i3-7100core_i7-8809gcore_i3-8145uecore_i5-10400h_firmwarecore_i5-7260ucore_i7-8700bcore_i5-10500_firmwarecore_i7-7500u_firmwarecore_i5-7267uxeon_e-2334_firmwarecore_i5-10210ycore_i7-7820hk_firmwarecore_i5-10500ecore_i9-9900kf_firmwarecore_i5-9400tcore_i5-10210u_firmwarecore_i5-9500fcore_i5-8300hcore_i5-8600t_firmwarecore_i5-10600txeon_e-2356gcore_i7-9850hecore_i3-10110ycore_i5-10600kfcore_i3-7300t_firmwarecore_i7-10700ecore_i5-10500h_firmwarecore_i9-9900kscore_i5-9600core_i7-10870hcore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i3-9100fcore_i5-9600kf_firmwarexeon_e-2224_firmwarecore_i7-9750hfcore_i5-9300h_firmwarexeon_e-2274gcore_i7-10700kcore_i5-9500core_i3-9320_firmwarexeon_e-2278gelcore_i3-8145ue_firmwarecore_i5-10500te_firmwarecore_i5-8400b_firmwarecore_i3-8100_firmwarexeon_e-2124core_i9-9880hcore_i7-10710ucore_i5-7287ucore_i7-10700kfcore_i5-8500t_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_e-2136_firmwarexeon_e-2276g_firmwarexeon_e-2276mecore_i7-8565ucore_m3-7y32_firmwarecore_i5-7300hq_firmwarexeon_e-2274g_firmwarecore_i3-10300_firmwarecore_i5-7300hqcore_i7-7560ucore_i7-8706g_firmwarecore_i5-7400t_firmwarecore_i3-8100t_firmwarecore_i5-8259ucore_i9-9900core_i7-10510y_firmwarecore_i3-10100e_firmwarecore_i7-9850hl_firmwarexeon_e-2146g_firmwarecore_i7-8850h_firmwarecore_i5-1038ng7_firmwarecore_i3-8140uxeon_e-2336xeon_e-2388gcore_i7-9700kf_firmwarecore_i3-10105core_i7-9850h_firmwarecore_i3-10100te_firmwarecore_i3-7100_firmwarecore_i5-7600tcore_i9-10900k_firmwarexeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2276ml_firmwarexeon_e-2224gcore_i3-9100tcore_i5-8310y_firmwarexeon_e-2226gecore_i3-10300t_firmwarecore_i5-9300hcore_i9-10900_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarecore_i7-8086k_firmwarecore_i7-10610ucore_i5-10505_firmwarecore_i5-1035g1_firmwarecore_i7-8665u_firmwarexeon_e-2176g_firmwarecore_i3-7167ucore_i5-9400hcore_i7-8500ycore_i7-7567ucore_i9-9900tcore_i3-8145u_firmwarecore_i7-9700e_firmwarecore_i5-10300h_firmwarecore_i7-7660u_firmwarecore_i7-7820hqcore_i5-8210ycore_i7-8750h_firmwarecore_i5-10200h_firmwarecore_i3-7300tcore_i5-7400_firmwarecore_i3-8109u_firmwarecore_i3-8300t_firmwarecore_i7-9700k_firmwarexeon_e-2288g_firmwarecore_i3-9100f_firmwarecore_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e-2176m_firmwarexeon_e-2174g_firmwarecore_i3-10300tcore_i3-7101ecore_i3-8100b_firmwarecore_i9-8950hk_firmwarecore_i5-8500core_i5-9500te_firmwarecore_i5-7600_firmwarecore_i5-8265ucore_i7-10700kf_firmwarexeon_e-2254mecore_i7-9750hxeon_e-2336_firmwarecore_i7-7y75core_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i5-7y57core_i3-10305tcore_i7-10700_firmwarecore_i3-8350kcore_i5-7500tcore_i5-9600k_firmwarecore_i9-9900t_firmwarecore_i3-9100xeon_e-2224g_firmwarexeon_e-2276mcore_i7-7700kcore_i7-8705gcore_i5-9500ecore_i7-8665ucore_i3-8300tcore_i7-7660ucore_i7-8706gxeon_e-2236core_i9-9880h_firmwarecore_i7-10850hxeon_e-2236_firmwarecore_i7-8700t_firmwarexeon_e-2126g_firmwarecore_i7-8700core_i5-10400fcore_i5-8259u_firmwarecore_i7-8665ue_firmwarecore_i3-7130u_firmwarecore_i5-8400core_i7-8705g_firmwarecore_i9-10900te_firmwarecore_i3-10300core_i7-7700tcore_i7-10700tcore_i3-7100tcore_i7-8086kcore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarecore_i5-8257ucore_i5-8365ue_firmwarecore_i7-8700kcore_i5-7200u_firmwarecore_i5-8600k_firmwarecore_i7-10510u_firmwarecore_i5-7442eqxeon_e-2134xeon_e-2226g_firmwarecore_i3-10100_firmwarecore_i5-10505core_i5-1030g7core_i5-7442eq_firmwarecore_i5-10310y_firmwarecore_i7-8569u_firmwarecore_i7\+8700_firmwarexeon_e-2144g_firmwarecore_i3-1000g1core_i7-10510ycore_i5-7360u_firmwarecore_i5-10600kf_firmwarecore_i3-10110ucore_i5-8210y_firmwarecore_i3-9100e_firmwarecore_i5-9600kcore_i3-10305t_firmwarecore_i5-10310u_firmwarecore_i7-7700hqcore_i9-10900f_firmwarecore_i3-9100hl_firmwarecore_i3-10105fcore_i3-8100hcore_i3-9100t_firmwarexeon_e-2386g_firmwarecore_i5-10300hcore_i5-8350ucore_i3-1005g1_firmwarecore_i5-7300uxeon_e-2246gcore_i5-8500tcore_i3-10100y_firmwarecore_i5-7500core_i5-7200ucore_i5-8350u_firmwarecore_i7-8700b_firmwarecore_i9-8950hkcore_i9-10900ecore_i9-10850kcore_i7-7920hqcore_i5-9300hf_firmwarexeon_e-2314_firmwarexeon_e-2254mlcore_i9-9900ks_firmwarecore_i3-9300_firmwarecore_i5-8400tcore_i7-10700core_i3-9100te_firmwarexeon_e-2254ml_firmwarecore_i7-10750h_firmwarexeon_e-2334core_i3-7350k_firmwarecore_i3-10105tcore_i9-10885hcore_i3-10325core_i3-7100hcore_i3-7101te_firmwarecore_i3-9300xeon_e-2276mlcore_i7-10875hxeon_e-2244gcore_i9-9900kcore_i3-9350kf_firmwarexeon_e-2176gxeon_e-2324gcore_i7-8709gcore_i3-10100core_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-1035g7_firmwarecore_i7-10700f_firmwarecore_i5-9400core_m3-8100y_firmwarecore_i3-8100tcore_i7-8557uxeon_e-2278ge_firmwarecore_i5-9500tcore_i5-7500t_firmwarecore_i3-10305_firmwarecore_i7-8700tcore_i5-8260u_firmwarecore_m3-7y32core_i5-7400core_i7-8650ucore_i3-7102e_firmwarecore_m3-7y30_firmwarecore_i9-10900e_firmwarexeon_e-2286m_firmwarecore_i3-7320xeon_e-2378g_firmwarecore_i7-9750h_firmwarexeon_e-2234_firmwarecore_i5-1035g1core_i5-1038ng7core_i7-8565u_firmwarecore_i7-10700e_firmwarexeon_e-2186g_firmwarecore_i5-1035g4_firmwarecore_i3-10110y_firmwarexeon_e-2124gcore_i5-7600t_firmwarecore_i5-8500bcore_i5-8269ucore_i5-7440hq_firmwarecore_i5-1030g4core_i7-10700texeon_e-2288gcore_i3-9100exeon_e-2234core_i5-10500core_i7-8709g_firmwarexeon_e-2356g_firmwarecore_i7-9850hcore_i5-9400fcore_i7-9700t_firmwarecore_i5-10500e_firmwarecore_i5-7440eqcore_i5-8279ucore_i5-8279u_firmwarecore_i3-8130u_firmwarecore_i5-9500f_firmwarecore_i5-10600t_firmwarecore_i5-9300hfcore_i3-7100ucore_i5-10210y_firmwarecore_i3-7101tecore_i3-7350kcore_i5-7600kcore_i5-8250ucore_i3-10305core_i3-8140u_firmwarecore_i3-1000g4_firmwarexeon_e-2126gcore_i7-9700tcore_i3-7100t_firmwarecore_i7-7820eqcore_i7-9850hlcore_i5-7360ucore_i7-8650u_firmwarecore_i5-10600kcore_i3-9350kfxeon_e-2388g_firmwarecore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_m3-8100ycore_i9-10900kfcore_i5-8250u_firmwarexeon_e-2186mcore_i7-9700ecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e-2176mcore_i7-7700hq_firmwarecore_i5-7440eq_firmwarecore_i3-1000g1_firmwarecore_i5-10600k_firmwarecore_i7-9750hf_firmwarecore_i5-10310ycore_i5-8400t_firmwarexeon_e-2286gcore_i5-8365u_firmwarecore_i5-10500hcore_i5-8260ucore_i9-10900t_firmwarecore_i7-10810u_firmwarecore_i3-10100t_firmwarecore_i3-9300txeon_e-2244g_firmwarecore_i7-10810ucore_i5-10400f_firmwarexeon_e-2278gcore_i3-8100h_firmwarecore_i3-10105_firmwarecore_i7-10875h_firmwarexeon_e-2378_firmwarecore_i7-8850hcore_i5-10500t_firmwarecore_i3-7130ucore_i5-8265u_firmwarexeon_e-2374gcore_i3-10100fcore_i3-8300_firmwarecore_i9-9900_firmwarecore_i7-1065g7_firmwarecore_i5-10600core_i7\+8700core_i5-8257u_firmwarecore_i9-10900kf_firmwarecore_m3-7y30core_i3-9350kcore_i5-8500_firmwarecore_i9-10850k_firmwarecore_i5-8365uecore_i7-8665uecore_i7-8809g_firmwarecore_i9-10885h_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarecore_i5-1030g7_firmwarecore_i5-9400h_firmwarecore_i3-10320core_i9-10900tcore_i5-8200ycore_i5-8310ycore_i3-10110u_firmwarexeon_e-2324g_firmwarexeon_e-2278gel_firmwarecore_i5-9500texeon_e-2144gcore_i5-7440hqcore_i5-9500t_firmwarecore_i7-8569ucore_i7-9700te_firmwarecore_i7-7700_firmwarecore_i5-10500tcore_i3-10320_firmwarecore_i3-1005g1core_i3-8100bcore_i5-9600tcore_i3-7020u_firmwarecore_i3-7101e_firmwarecore_i3-9320core_i7-10850h_firmwarecore_i7-1065g7core_i5-9400t_firmwarecore_i9-9980hkcore_i5-8305gcore_i7-8559ucore_i5-8600tcore_i9-10900texeon_e-2146gcore_i9-10980hk_firmwarecore_i7-9700_firmwarecore_i3-8130uIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33704
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34147
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.40%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc10i7fnhaa_firmwarecm8i3cb4nnuc10i7fnk_firmwarecm8pcb4r_firmwarenuc10i7fnhc_firmwarenuc8i3pnk_firmwarenuc10i3fnhja_firmwarenuc10i3fnhfnuc10i5fnhnnuc10i7fnhccm8i5cb8n_firmwarenuc9i9qn_firmwarenuc10i5fnknuc8i3pnh_firmwarenuc10i3fnkn_firmwarelapqc71d_firmwarenuc10i5fnhja_firmwarenuc10i7fnkpanuc10i7fnh_firmwarenuc10i3fnhnuc10i5fnkpnuc10i5fnhjnuc10i7fnhnnuc10i3fnkcm8pcb4rnuc10i5fnkpa_firmwarenuc8i3pnknuc10i5fnkpanuc10i3fnk_firmwarenuc10i5fnh_firmwarelapqc71b_firmwarecm8i3cb4n_firmwarenuc10i3fnhncm8i7cb8n_firmwarelapqc71acm8ccb4r_firmwarelapqc71c_firmwarenuc10i7fnhjacm8i7cb8nlapqc71bnuc10i7fnkpa_firmwarenuc9i5qnnuc10i5fnhfnuc10i3fnhfanuc10i5fnhj_firmwarenuc10i7fnkn_firmwarenuc10i5fnhnuc9i7qnlapqc71dnuc10i7fnknnuc10i5fnhca_firmwarenuc10i5fnknnuc10i5fnkp_firmwarenuc10i7fnhnuc8i3pnb_firmwarenuc8i3pnbnuc9i5qn_firmwarenuc10i3fnknnuc10i3fnhfa_firmwarenuc9i7qn_firmwarenuc10i7fnhaanuc10i5fnhf_firmwarenuc8i3pnhnuc10i5fnhn_firmwarenuc10i5fnk_firmwarelapqc71cnuc10i7fnknuc10i7fnkpnuc10i7fnhn_firmwarenuc10i3fnhn_firmwarecm8ccb4rnuc10i5fnkn_firmwarenuc10i3fnhf_firmwarenuc10i7fnkp_firmwarenuc10i3fnhjanuc9i9qnlapqc71a_firmwarenuc10i5fnhjanuc10i5fnhcanuc10i7fnhja_firmwarenuc10i3fnh_firmwarecm8i5cb8nIntel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34443
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:19
Updated-27 Mar, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-rugged_control_centerRugged Control Center (RCC)
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21315
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.46%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:02
Updated-03 May, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability

Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2022_23h2windows_server_2016windows_10_1809windows_server_2012defender_for_endpointwindows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Microsoft Defender for Endpoint for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32488
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4690
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.11% / 29.66%
||
7 Day CHG~0.00%
Published-20 Feb, 2017 | 08:35
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Image Capture" component, which allows attackers to execute arbitrary code via a crafted USB HID device.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21975
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.05%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:16
Updated-15 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_ai_softwareAMD Ryzen™ AI Softwareryzen_ai_software
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11266
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.56%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper input validation can lead to an improper access to already freed up dci client entries while closing dci client.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-46771
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.98%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 18:30
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7543epyc_7443_firmwareepyc_7313epyc_7343epyc_7663_firmwareepyc_7543_firmwareepyc_7763_firmwareepyc_7573x_firmwareepyc_7713pepyc_7573xepyc_74f3_firmwareepyc_7513epyc_7443epyc_7313p_firmwareepyc_7763epyc_7713_firmwareepyc_7713p_firmwareepyc_73f3_firmwareepyc_7453epyc_7373xepyc_7713epyc_7513_firmwareepyc_7543p_firmwareepyc_7443p_firmwareepyc_7773xepyc_7413_firmwareepyc_72f3epyc_7643epyc_7643_firmwareepyc_7663epyc_7773x_firmwareepyc_75f3epyc_72f3_firmwareepyc_7373x_firmwareepyc_7543pepyc_7313_firmwareepyc_7443pepyc_75f3_firmwareepyc_7473xepyc_7453_firmwareepyc_7343_firmwareepyc_7473x_firmwareepyc_74f3epyc_7413epyc_7313pepyc_73f33rd Gen AMD EPYC™
CWE ID-CWE-20
Improper Input Validation
CVE-2016-3826
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.28%
||
7 Day CHG~0.00%
Published-05 Aug, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the reply size for an AudioFlinger effect command, which allows attackers to gain privileges via a crafted application, aka internal bug 29251553.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20064
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.49%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 02:51
Updated-29 Mar, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08572601; Issue ID: MSV-1229.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6883mt6983mt6877mt6886mt8678mt6762mt6855mt6580mt8792mt6989mt6833mt6889mt8755mt6893mt6873mt6885mt6891mt6879mt6895androidmt6853mt6789mt8775mt6985mt8796mt6853tmt6875mt6781mt6761mt6768MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT8678, MT8755, MT8775, MT8792, MT8796mt6883mt6983mt6877mt6886mt6762mt6855mt6580mt8792mt6989mt6833mt6889mt8755mt6893mt6873mt6885mt6891mt6879mt6895mt6853mt6789mt8775mt8796mt6985mt6853tmt6875mt6781mt6761mt6768
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32487
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-12353
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.05% / 13.33%
||
7 Day CHG-0.01%
Published-09 Dec, 2024 | 01:00
Updated-12 Dec, 2024 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Phone Contact Manager System User Menu MenuDisplayStart input validation

A vulnerability, which was classified as problematic, has been found in SourceCodester Phone Contact Manager System 1.0. This issue affects the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation of the argument name leads to improper input validation. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-razormistSourceCodester
Product-phone_contact_manager_systemPhone Contact Manager Systemphone_contact_manager_system
CWE ID-CWE-20
Improper Input Validation
CVE-2021-44454
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-20
Improper Input Validation
CVE-2024-12355
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.04% / 10.95%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 01:31
Updated-12 Dec, 2024 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Phone Contact Manager System ContactBook.cpp adding input validation

A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified as problematic. Affected by this vulnerability is the function ContactBook::adding of the file ContactBook.cpp. The manipulation leads to improper input validation. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-razormistSourceCodester
Product-phone_contact_manager_systemPhone Contact Manager Systemphone_contact_manager_system
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3726
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.33% / 54.89%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-0127
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.52%
||
7 Day CHG-0.00%
Published-26 Oct, 2024 | 08:10
Updated-01 Nov, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by compromising the guest OS kernel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

Action-Not Available
Vendor-NVIDIA Corporation
Product-vGPU and Cloud Gamingcloud_gaming_virtual_gpuvirtual_gpu_manager
CWE ID-CWE-20
Improper Input Validation
CVE-2020-14956
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-30 Jun, 2020 | 14:37
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCA.

Action-Not Available
Vendor-arswpn/a
Product-windows_cleanup_assistantn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-30756
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.60%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:32
Updated-03 Aug, 2024 | 06:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4120
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-8.2||HIGH
EPSS-0.11% / 30.39%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 22:15
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Action-Not Available
Vendor-Canonical Ltd.Fedora Project
Product-snapdubuntu_linuxfedorasnapd
CWE ID-CWE-20
Improper Input Validation
CVE-2022-30726
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.2||MEDIUM
EPSS-0.01% / 1.87%
||
7 Day CHG~0.00%
Published-07 Jun, 2022 | 18:03
Updated-03 Aug, 2024 | 06:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2021-39763
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.00%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:02
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Settings, there is a possible way to make the user enable WiFi due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-199176115

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2291
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.54% / 84.86%
||
7 Day CHG+0.28%
Published-09 Aug, 2017 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ethernet_diagnostics_driver_iqvw32.sysethernet_diagnostics_driver_iqvw64.syswindowsn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31762
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.80%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 14:56
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2022-30754
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.60%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:32
Updated-03 Aug, 2024 | 06:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2021-38304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.63%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 15:51
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-ni-paln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37663
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.52%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 22:45
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete validation in `QuantizeV2` in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that `min_range` and `max_range` both have the same non-zero number of elements. If `axis` is provided (i.e., not `-1`), then validation should check that it is a value in range for the rank of `input` tensor and then the lengths of `min_range` and `max_range` inputs match the `axis` dimension of the `input` tensor. We have patched the issue in GitHub commit 6da6620efad397c85493b8f8667b821403516708. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3318
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.37%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncIBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3649
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.45%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created.

Action-Not Available
Vendor-open-uri-cached_projectn/a
Product-open-uri-cachedn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3288
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-16 Oct, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37665
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.86%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 22:40
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete validation in MKL requantization in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the `input` tensor. A similar issue occurs in `MklRequantizePerChannelOp`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments. We have patched the issue in GitHub commit 9e62869465573cb2d9b5053f1fa02a81fce21d69 and in the Github commit 203214568f5bc237603dbab6e1fd389f1572f5c9. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2015-4035
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.86%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

Action-Not Available
Vendor-tukaanin/aRed Hat, Inc.
Product-enterprise_linuxxzn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3612
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.01%
||
7 Day CHG~0.00%
Published-09 Jul, 2021 | 10:33
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300eh500scloud_backupenterprise_linuxh300s_firmwareh410c_firmwarecommunications_cloud_native_core_network_exposure_functionh410sh300scommunications_cloud_native_core_policysolidfire_baseboard_management_controllerh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarecommunications_cloud_native_core_binding_support_functionh700eh410ch700e_firmwaresolidfire_baseboard_management_controller_firmwareh700skernel
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35092
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.70%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830qcs610qca8337wcd9360_firmwaremdm9650sdx65csra6620wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377wcn3998wcd9385_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3615wcn3998_firmwareqca6420apq8053_firmwarewcd9360qrb5165nsd680_firmwaresd778gwcn7851qrb5165_firmwareqrb5165m_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresd778g_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwaresd680wcd9326wcd9335wcn6851qca8081wcn7851_firmwareqca6174a_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375msm8953_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835wcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qcs605sd855wsa8815sm7325p_firmwarewcn6850mdm9650_firmwaresd765wcn3660b_firmwarewcn3680qca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sdx65_firmwarear8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwaresd480sd870wsa8810wcn6855qcs610_firmwaremdm9150wcn6856wcn3680bsd695_firmwaresd768gapq8096auar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053apq8096au_firmwarecsra6640sm7250psdx12qcs410_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-20
Improper Input Validation
CVE-2023-5058
Matching Score-4
Assigner-Phoenix Technologies, Inc.
ShareView Details
Matching Score-4
Assigner-Phoenix Technologies, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-07 Dec, 2023 | 22:29
Updated-28 Jul, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.

Action-Not Available
Vendor-phoenixPhoenix
Product-securecore_technologySecureCore™ Technology™ 4
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found