Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-0584

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-12 Nov, 2020 | 17:59
Updated At-04 Aug, 2024 | 06:02
Rejected At-
Credits

Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:12 Nov, 2020 | 17:59
Updated At:04 Aug, 2024 | 06:02
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.

Affected Products
Vendor
n/a
Product
Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series
Versions
Affected
  • See references
Problem Types
TypeCWE IDDescription
textN/Aa denial of service
Type: text
CWE ID: N/A
Description: a denial of service
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:12 Nov, 2020 | 18:15
Updated At:19 Nov, 2020 | 14:48

Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Intel Corporation
intel
>>ssd_dc_p4800x_firmware>>Versions before e2010485(exclusive)
cpe:2.3:o:intel:ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>ssd_dc_p4800x>>-
cpe:2.3:h:intel:ssd_dc_p4800x:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>ssd_dc_p4801x_firmware>>Versions before e2010485(exclusive)
cpe:2.3:o:intel:ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>ssd_dc_p4801x>>-
cpe:2.3:h:intel:ssd_dc_p4801x:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>optane_ssd_900p_firmware>>Versions before e2010480(exclusive)
cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>optane_ssd_900p>>-
cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>optane_ssd_905p_firmware>>Versions before e2010480(exclusive)
cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>optane_ssd_905p>>-
cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362secure@intel.com
Patch
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

207Records found
CVE-2020-24501
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 52.14%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda1_for_ocpethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda2_for_ocpethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810_firmwareethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) E810 Ethernet Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-0115
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel Corporation
Product-core_i7-6870hqxeon_e-2286gatom_c3950core_i3-9100ecore_i3-10100xeon_silver_4109tcore_i3-7300core_i5-1038ng7core_i5-11400core_i9-7900xcore_i7-10510yxeon_d-1548xeon_bronze_3106xeon_platinum_8260yxeon_d-1633nxeon_d-1653nxeon_platinum_8153xeon_e-2246gcore_i5-6350hqcore_i9-9960xcore_i3-6300txeon_e-2374gxeon_gold_5218txeon_w-2123core_i5-11260hxeon_e-2236xeon_gold_5218nxeon_w-1270exeon_d-1531core_i5-6500tcore_i5-7500core_i5-6260uxeon_e-2278gecore_i5-7440hqxeon_platinum_8156core_i7-8709gatom_c3758xeon_d-2177ntxeon_gold_6142fxeon_silver_4214ycore_i9-11900kfxeon_w-10855mxeon_gold_6230txeon_silver_4210rxeon_w-1270xeon_w-3235core_i9-10900txeon_e-2126gcore_i5-8200ycore_i7-10700tecore_i9-10900kxeon_gold_5220rcore_i5-8260ucore_i5-11400fxeon_w-11955mcore_i5-10400txeon_w-1290ecore_i7-1185g7core_i7-9700kfcore_i9-10900xxeon_platinum_9221xeon_d-2142itcore_m7-6y75xeon_w-3335core_i9-11900kcore_i5-10500hxeon_w-11555mrecore_i5-10600kfxeon_e-2146gcore_i3-1005g1core_i7-1068ng7xeon_silver_4112xeon_gold_6140xeon_d-1637core_i5-9400fcore_i3-10100ecore_i7-6800kcore_i7-7560uatom_c3538core_i7-9700txeon_gold_5120xeon_gold_6238core_i5-11600kfcore_i5-7600tcore_i7-4820kxeon_d-1602core_i5-8365uatom_c3508xeon_w-2245core_i5-9600kfxeon_d-2145ntxeon_platinum_8256xeon_gold_6130fxeon_e-2276mxeon_e-2224gcore_i5-8269uxeon_d-2163itcore_i3-1120g4core_i7-3930kcore_i5-11400hcore_i9-11900hxeon_d-1623ncore_i7-1185g7ecore_i7-10810ucore_i3-10300txeon_d-1521core_i3-8100core_i3-8145uecore_i5-1130g7core_i9-11900core_i5-6585rcore_i5-9600kxeon_gold_6144core_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqxeon_gold_5118core_i5-1145g7core_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kxeon_silver_4114tcore_i5-8500bxeon_d-2143itxeon_silver_4209txeon_e-2226gexeon_gold_6212ucore_i5-6600core_i3-8100hcore_i7-8706gcore_i3-6300core_i9-11900fxeon_silver_4215xeon_gold_6230ncore_i9-10920xcore_i9-11950hatom_c3750xeon_gold_6138pcore_i7-1195g7core_i5-10310ucore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i7-1165g7core_m3-7y32core_i7-11850hexeon_e-2134xeon_w-1290tecore_i5-1145g7ecore_i5-6440eqcore_i5-1030g7core_i9-10980hkxeon_e-2176mxeon_w-11155mlexeon_gold_6130xeon_silver_4210txeon_e-2274gxeon_gold_6136core_i5-6287ucore_i7-8500yxeon_w-3323core_i5-9600tatom_c3558rcore_i9-7960xxeon_w-1370atom_c3808core_i5-9600xeon_d-1559xeon_gold_6134xeon_w-3375xeon_e-2174gcore_i5-8600txeon_d-1537xeon_gold_5218bxeon_gold_6128core_i7-1180g7xeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_gold_6146xeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rcore_i3-10105fxeon_w-2235core_i3-6098pcore_i5-6400xeon_d-1649nxeon_w-3175xcore_i7-10875hxeon_w-3225core_i3-7101tecore_i7-7700xeon_d-1540core_i3-11100hecore_i5-10400hxeon_gold_6246rcore_i5-7300hqxeon_d-1513nxeon_w-10885mxeon_gold_6126xeon_d-1527core_i9-9940xcore_i9-9900xcore_i5-6600kcore_i9-7940xcore_i7-9700exeon_e-2254mecore_i7-9700tecore_i7-6700txeon_gold_6248rxeon_silver_4214xeon_w-2125xeon_platinum_9222core_i3-10105tcore_i5-11300hcore_i5-6500texeon_gold_5220sxeon_platinum_8260core_i5-6500core_i3-1000g4core_i3-9100hlcore_i9-10900kfcore_i3-10100tatom_c3858xeon_d-2146ntxeon_e-2144gcore_i9-9980hkxeon_w-11555mlecore_i5-11500hexeon_e-2244gcore_i3-7100tcore_i3-6102exeon_w-1390txeon_silver_4216core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqxeon_platinum_8180xeon_platinum_8276lxeon_gold_6138tcore_i7-7740xcore_i7-11375hcore_i7-7y75core_i7-8559ucore_i5-9500eatom_c3850core_i5-11500txeon_e-2124gcore_i7-4930kcore_i5-9400core_i7-4960xcore_i7-5960xcore_i7-6600uxeon_gold_6138core_i7-1185grecore_i3-10325xeon_gold_6138fxeon_e-2356gcore_i7-8700xeon_d-1557core_i3-7130ucore_i5-8400atom_c3436lxeon_w-3245mxeon_e-2334core_i7\+8700core_i7-9850hatom_c3708xeon_w-1350core_i5-7600core_i9-10980xecore_i7-6500ucore_i5-1035g1xeon_w-11865mlecore_i7-11850hxeon_w-1290xeon_e-2186gxeon_silver_4210core_i3-10110uxeon_gold_6234atom_c3336core_i7-4930mxxeon_w-1350pcore_i9-10900xeon_w-1250core_i5-9400tcore_i5-7360ucore_i5-7300ucore_i7-11800hcore_i3-10300core_i5-6600tcore_i7-8565uxeon_gold_6154xeon_silver_4110core_i7-7700katom_c3830xeon_platinum_8176core_i7-10870hcore_i3-10100fcore_i7-10510uxeon_bronze_3104xeon_w-1290pcore_i5-8310yxeon_gold_5217core_i5-6440hqcore_i7-6850kxeon_gold_5120txeon_e-2324gxeon_w-3245core_i7-6660ucore_i9-7980xecore_i3-6100exeon_gold_6210ucore_i5-7200uxeon_gold_5115core_i7-9700fxeon_w-3345core_i5-10210ucore_i7-6820hqxeon_d-1528xeon_w-2295xeon_e-2234core_i3-9100tcore_i5-10500core_i5-8400bcore_i3-7100hcore_i7-8850hxeon_gold_5215core_i3-6100ucore_i9-9900kscore_i9-7920xxeon_w-11865mrecore_i5-11600kcore_i9-10900tecore_i9-8950hkcore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-7640xcore_i7-7800xxeon_w-3275mxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xxeon_platinum_8253xeon_gold_6252ncore_i7-7660ucore_i3-9320xeon_platinum_8158core_i7-7700hqatom_c3308xeon_platinum_8280core_i5-6402pcore_m3-7y30xeon_w-11155mrexeon_gold_6252xeon_w-2135core_i3-10105core_i5-11400tcore_i7-11700kcore_i7-4940mxcore_i7-8550uxeon_e-2276mlxeon_gold_6246xeon_silver_4214rcore_i9-10940xcore_i7-9700core_i7-6700hqcore_i3-8300core_i7-9850hexeon_gold_6230rcore_i7-10700kfcore_i5-8400tcore_i5-7500txeon_d-2187ntxeon_silver_4116tcore_i7-1065g7xeon_d-1518core_i7-9800xxeon_silver_4208core_i5-6267ucore_i3-1000g1xeon_gold_6126txeon_w-2225xeon_silver_4116xeon_e-2276mecore_i5-7y54xeon_w-1250ecore_i5-7400core_i7-6950xfas\/aff_biosxeon_platinum_8160fxeon_platinum_8164core_i7-6567uxeon_platinum_8176fxeon_gold_5215lcore_i5-7287uxeon_platinum_8168core_i7-3970xcore_i7-3960xcore_i7-11600hcore_i7-7920hqcore_i7-10700core_i5-1145grecore_i3-7020uxeon_d-1533nxeon_gold_6240lxeon_w-3265mxeon_gold_6248core_i5-1135g7xeon_w-2195xeon_e-2136core_i5-9300hfxeon_w-1270pcore_i3-1115g4xeon_gold_6258rxeon_platinum_9282core_i3-8145ucore_i3-9300core_i5-10400xeon_d-2173itxeon_d-2161icore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i5-1155g7core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kxeon_d-2123itxeon_platinum_8160tcore_i3-8109ucore_i5-8365uexeon_gold_6142core_i3-1110g4xeon_bronze_3206rxeon_gold_6148core_i7-3820xeon_w-3275xeon_gold_6240core_i3-7320core_i7-10700ecore_i5-8350ucore_i7-3940xmxeon_gold_5220xeon_gold_6126fcore_i3-10100tecore_m5-6y57xeon_e-2388gcore_i7-11390hxeon_platinum_8268xeon_e-2226gcore_i5-7y57core_i7-6700texeon_gold_6240rcore_i7-3920xmcore_i5-7260uxeon_e-2278gxeon_silver_4215rcore_i9-10900ecore_i3-9100core_i7-9750hxeon_e-2124core_i5-8250ucore_i5-8600core_i9-11980hkxeon_w-3265core_i5-10500tecore_i5-11500core_i3-6100tecore_i7-11700xeon_platinum_8160xeon_gold_5119tcore_i7-8700bcore_i5-10500txeon_gold_6148fcore_i5-10600core_i5-10310yxeon_w-1250texeon_gold_6208ucore_i3-9100teatom_c3338core_i5-8259uxeon_gold_6242core_i7-10700kxeon_e-2336xeon_d-1627xeon_e-2186mxeon_e-2286mcore_i9-9880hcore_i7-6650ucore_i7-11370hcore_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-11500hcore_i5-1035g4core_i5-11600tcore_i7-8650ucore_i5-10200hcore_i9-9900kcore_i7-8705gxeon_platinum_8276xeon_d-1529xeon_gold_5220tcore_i7-5930kcore_i5-10400fcore_i7-1160g7core_i7-7600uxeon_gold_6244xeon_gold_6242rcore_i3-7100exeon_w-2275xeon_w-2265core_i5-9500xeon_gold_6226rcore_i3-7101ecore_i9-9900xeon_bronze_3204core_i9-9820xxeon_d-1567xeon_w-3365core_i7-9850hlcore_i5-8400hcore_i5-6300ucore_m3-6y30core_i7-9750hfxeon_d-2141ixeon_w-2175xeon_silver_4108core_i3-10110ycore_i5-1035g7core_i7-7820hkxeon_e-2254mlxeon_w-11855mcore_i5-8305gcore_i3-6100xeon_gold_6240ycore_i3-9350kxeon_gold_6238lxeon_w-1390cloud_backupcore_i3-1115grecore_i5-11600core_i5-7400tcore_i7-11700fcore_i3-6100tcore_i7-8750hcore_i7-8665ucore_i3-10305txeon_d-2183itcore_i5-8300hcore_i3-8140ucore_i3-8350kcore_i5-10600kcore_i7-8086kxeon_gold_5222core_i7-10850hxeon_d-1523nxeon_gold_6256core_i5-9500teatom_c3958xeon_gold_6130tatom_c3338rxeon_d-1520core_i3-8100bcore_i3-6167ucore_i5-8279uxeon_platinum_8280lcore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100uxeon_d-1543ncore_i5-6442eqcore_i7-8700txeon_silver_4114xeon_d-1541core_i7-11700txeon_d-1622xeon_platinum_9242core_i7-6700kcore_i7-6970hqxeon_w-2223core_i7-6822eqcore_i3-7300txeon_gold_6238tatom_c3955core_i5-8500core_i9-11900tcore_i5-8210ycore_i7-6785rcore_i7-6560ucore_i7-1060g7core_i5-8257ucore_i7-8569ucore_i7-5820kcore_i9-9900tcore_i7-6900kcore_i7-7700tcore_i9-9980xeatom_c3558core_i5-6685rxeon_w-2133xeon_gold_6250core_i3-9350kfxeon_platinum_8260lxeon_platinum_8270xeon_w-1290tcore_i5-8500tcore_i7-8809gxeon_gold_6226core_i5-11320hxeon_d-1577xeon_gold_6132xeon_e-2314core_i5-6400tcore_i3-10305xeon_d-2166ntcore_i3-7350kxeon_w-1390pcore_i5-10505xeon_d-1539core_i7-6700core_i7-6820eqcore_i7-6920hqcore_i5-7600kcore_i7-6820hkxeon_w-2255xeon_gold_6262vcore_i3-6006ucore_i7-10710ucore_i5-10210ycore_i5-10300hxeon_w-1270texeon_e-2224xeon_gold_5218xeon_w-2145xeon_gold_6238rcore_i3-9100fxeon_platinum_8170core_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_d-1553ncore_i5-1030g4xeon_e-2378gcore_i3-8100tcore_i5-9500txeon_w-3223xeon_w-2155xeon_gold_6152core_i3-7102exeon_gold_6150xeon_e-2276gcore_i5-6200uxeon_gold_6222vcore_i7-10700fxeon_d-1571xeon_gold_5122atom_c3758rxeon_gold_6230Intel(R) Processors
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8729
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8710
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:31
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8719
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:29
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0576
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.35% / 56.83%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_mfs2600ki_firmwarecompute_module_mfs2600kiIntel(R) Modular Server Compute Module
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0504
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 17:42
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0530
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 20:55
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_d34010wybnuc_kit_nuc8i7beknuc_kit_nuc7i5dnhenuc_8_enthusiast_pc_nuc8i7bekqa_firmwarenuc_7_enthusiast_pc_nuc7i7bnhxgnuc_kit_nuc7i3bnhx1_firmwarenuc_7_home_a_mini_pc_nuc7i3bnhxfnuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_kit_nuc6i5syk_firmwarenuc_kit_nuc5i5ryk_firmwarecompute_stick_stk1a32sc_firmwarenuc_kit_nuc6i3syh_firmwarenuc_kit_nuc5i5myhenuc_8_mainstream-g_kit_nuc8i5inhnuc_kit_nuc5i5ryknuc_kit_nuc7i5bnhnuc_kit_nuc5i3myhenuc_kit_nuc7i7dnkenuc_kit_nuc7i3bnknuc_board_nuc5i3mybe_firmwarenuc_kit_nuc7i5dnke_firmwarenuc_kit_nuc5i7ryh_firmwarenuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_8_home_pc_nuc8i3cysmnuc_kit_nuc7i3bnhx1nuc_8_business_pc_nuc8i7hnkqcnuc_kit_nuc6i7kyk_firmwarenuc_kit_de3815tykhenuc_7_home_a_mini_pc_nuc7i5bnhxf_firmwarenuc_board_nuc7i7dnbenuc_kit_nuc7i5bnh_firmwarenuc_board_de3815tybe_firmwarenuc_board_d54250wyb_firmwarecompute_stick_stk2m3w64cc_firmwarenuc_kit_nuc5i3ryhsnuc_kit_d34010wyknuc_7_home_a_mini_pc_nuc7i3bnhxf_firmwarecompute_stick_stck1a8lfc_firmwarecompute_stick_stk1aw32sc_firmwarecompute_stick_stk1aw32scnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc5i5ryh_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_kit_nuc7i7bnhx1nuc_kit_nuc5i5myhe_firmwarenuc_kit_nuc5i3ryh_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarecompute_stick_stk2m364ccnuc_kit_nuc6cays_firmwarecompute_stick_stk2m364cc_firmwarenuc_kit_nuc7i7dnke_firmwarenuc_kit_nuc6i3syhnuc_board_nuc7i3dnbe_firmwarenuc_kit_nuc7i7dnhenuc_kit_d54250wyknuc_kit_nuc7i3dnhe_firmwarenuc_kit_nuc5i3myhe_firmwarecompute_stick_stck1a32wfcnuc_kit_nuc7i5dnkenuc_7_home_a_mini_pc_nuc7i5bnkp_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_kit_d54250wyk_firmwarenuc_kit_nuc7pjyhnuc_kit_de3815tykhe_firmwarecompute_stick_stk1a32scnuc_kit_nuc5i3ryknuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_kit_nuc5i3ryhs_firmwarenuc_board_nuc8cchbnuc_board_nuc5i5mybenuc_kit_nuc8i7hnknuc_7_essential_pc_nuc7cjysalnuc_board_d54250wybcompute_stick_stk2m3w64ccnuc_board_nuc5i3mybenuc_7_essential_pc_nuc7cjysal_firmwarenuc_kit_nuc7i5bnhx1nuc_kit_nuc6i3syk_firmwarenuc_kit_nuc7i3dnhenuc_kit_nuc5i3ryk_firmwarenuc_board_nuc8cchb_firmwarenuc_kit_nuc7i5dnhe_firmwarenuc_kit_nuc8i7hnk_firmwarecompute_stick_stck1a8lfcnuc_8_home_pc_nuc8i3cysm_firmwarenuc_kit_d34010wykhnuc_kit_nuc7cjyhnuc_board_nuc5i5mybe_firmwarenuc_kit_d54250wykh_firmwarenuc_board_nuc7i5dnbenuc_kit_nuc5cpyhnuc_kit_nuc6caysnuc_board_nuc7i7dnbe_firmwarenuc_kit_nuc7i7bnh_firmwarenuc_kit_nuc7i3dnke_firmwarenuc_8_business_pc_nuc8i7hnkqc_firmwarenuc_8_enthusiast_pc_nuc8i7bekqanuc_kit_nuc6i5syhnuc_board_nuc7i3dnbenuc_kit_nuc5i3ryhnuc_kit_nuc6cayhnuc_kit_nuc5ppyhnuc_kit_nuc8i7bek_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_board_nuc7i5dnbe_firmwarenuc_board_d34010wyb_firmwarenuc_kit_nuc5i3ryhsn_firmwarenuc_kit_nuc5i7ryhnuc_kit_nuc5pgyh_firmwarenuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc5i5ryhsnuc_kit_nuc7i7bnhx1_firmwarenuc_kit_nuc5pgyhnuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc6i5syknuc_kit_nuc5i5ryhs_firmwarenuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7pjyh_firmwarenuc_7_enthusiast_pc_nuc7i7bnhxg_firmwarenuc_kit_nuc6i5syh_firmwarenuc_kit_nuc5cpyh_firmwarenuc_kit_nuc5ppyh_firmwarenuc_kit_d54250wykhcompute_stick_stck1a32wfc_firmwarenuc_kit_d34010wyk_firmwarenuc_kit_nuc6i7kyknuc_kit_nuc7i7dnhe_firmwarenuc_7_home_a_mini_pc_nuc7i5bnhxfnuc_kit_nuc5i5ryhnuc_kit_nuc6i3syknuc_board_de3815tybenuc_kit_d34010wykh_firmwarenuc_7_home_a_mini_pc_nuc7i5bnkpnuc_kit_nuc7i3dnkenuc_kit_nuc7i3bnhnuc_kit_nuc5i3ryhsnIntel(R) NUC Firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-38581
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8712
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.67%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:42
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8707
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.13%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:27
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-48426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.11% / 30.49%
||
7 Day CHG~0.00%
Published-24 Oct, 2024 | 00:00
Updated-28 May, 2025 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).

Action-Not Available
Vendor-assimpn/aassimp
Product-assimpn/aassimp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-5257
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.73%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 22:16
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ips_firmwaresecospace_usg6300nip6300_firmwarenip6600ap2000espace_u1981_firmwarenip6800_firmwareipssemg9811_firmwareespace_u1981ngfw_firmwaresecospace_usg6500_firmwaresvn5800nip6300svn5800_firmwaresecospace_usg6500svn5600_firmwaresecospace_usg6600_firmwaresemg9811usg6000vap2000_firmwarengfws5700_firmwaresvn5600usg6000v_firmwarenip6800secospace_antiddos8000_firmwaresecospace_usg6300_firmwarenip6600_firmwares5700secospace_antiddos8000svn5800-csecospace_usg6600svn5800-c_firmwareAP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-5247
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-29 Nov, 2019 | 20:05
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-atlas_500atlas_300atlas_500_firmwareatlas_300_firmwareAtlas 300, Atlas 500
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-5258
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 22:41
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ips_firmwaresecospace_usg6300nip6300_firmwarenip6600ap2000espace_u1981_firmwarenip6800_firmwareipssemg9811_firmwareespace_u1981ngfw_firmwaresecospace_usg6500_firmwaresvn5800nip6300svn5800_firmwaresecospace_usg6500svn5600_firmwaresecospace_usg6600_firmwaresemg9811usg6000vap2000_firmwarengfws5700_firmwaresvn5600usg6000v_firmwarenip6800secospace_antiddos8000_firmwaresecospace_usg6300_firmwarenip6600_firmwares5700secospace_antiddos8000svn5800-csecospace_usg6600svn5800-c_firmwareAP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-41496
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.34%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 19:56
Updated-04 Aug, 2024 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)

Action-Not Available
Vendor-numpyn/a
Product-numpyn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-6192
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-1.38% / 79.54%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 18:05
Updated-17 Sep, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_a275thinkpad_e15thinkpad_x1_yoga_gen_2thinkpad_x380_yogathinkpad_a485thinkpad_25thinkpad_s2_yoga_gen_5thinkpad_e490thinkpad_s2_gen_2thinkpad_p53sthinkpad_t480sthinkpad_t570thinkpad_s1_gen_4thinkpad_t490thinkpad_p51sthinkpad_t590thinkpad_x390_yogathinkpad_p53thinkpad_e575thinkpad_e14thinkpad_e570thinkpad_l590thinkpad_p7thinkpad_l570thinkpad_x1_carbon_gen_5thinkpad_p52thinkpad_p43sthinkpad_a475thinkpad_l480thinkpad_e475power_management_driverthinkpad_s5_gen_2thinkpad_x1_yoga_gen_4thinkpad_13_gen_2thinkpad_e495thinkpad_l580thinkpad_x270thinkpad_a285thinkpad_e580thinkpad_p1thinkpad_x1_tablet_gen_2thinkpad_x280thinkpad_x390thinkpad_s3_gen_2thinkpad_p1_gen_2thinkpad_x1_yoga_gen_3thinkpad_r14thinkpad_yoga_370thinkpad_l470thinkpad_x1_carbon_gen_7thinkpad_x395thinkpad_t470thinkpad_l390thinkpad_e570cthinkpad_l380thinkpad_t580thinkpad_l390_yogathinkpad_r480thinkpad_x1_extremethinkpad_e480thinkpad_l490thinkpad_l380_yogathinkpad_p51thinkpad_l13thinkpad_t490sthinkpad_p73thinkpad_e470thinkpad_s2_gen_5thinkpad_x1_tablet_gen_3thinkpad_e590thinkpad_t470sthinkpad_p72thinkpad_t470pthinkpad_e470cthinkpad_e595thinkpad_t495thinkpad_l13_yogathinkpad_t480thinkpad_x1_extreme_2ndthinkpad_p52sthinkpad_x1_carbon_gen_6Power Management driver
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-14354
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-0.19% / 40.86%
||
7 Day CHG~0.00%
Published-13 May, 2021 | 13:38
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.

Action-Not Available
Vendor-c-aresn/aFedora Project
Product-fedorac-aresc-ares
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2021-36724
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-6.1||MEDIUM
EPSS-0.04% / 8.75%
||
7 Day CHG~0.00%
Published-29 Dec, 2021 | 17:02
Updated-16 Sep, 2024 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ForeScout - SecureConnector Local Service DoS

ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash.

Action-Not Available
Vendor-Forescout Technologies, Inc.
Product-secureconnectoreServices / eNvoice
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-36333
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.74%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-16 Sep, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash.

Action-Not Available
Vendor-Dell Inc.
Product-emc_cloud_linkCloudLink
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34557
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.30%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 15:54
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video outputs.

Action-Not Available
Vendor-xscreensaver_projectn/aFedora Project
Product-fedoraxscreensavern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-35410
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 10.24%
||
7 Day CHG-0.01%
Published-08 Nov, 2024 | 00:00
Updated-17 Jun, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file.

Action-Not Available
Vendor-kanakan/akanaka
Product-wacn/awac
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-35420
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 8.64%
||
7 Day CHG~0.00%
Published-08 Nov, 2024 | 00:00
Updated-17 Jun, 2025 | 01:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wac commit 385e1 was discovered to contain a heap overflow.

Action-Not Available
Vendor-kanakan/akanaka
Product-wacn/awac
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-35418
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 8.64%
||
7 Day CHG-0.01%
Published-08 Nov, 2024 | 00:00
Updated-17 Jun, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wac commit 385e1 was discovered to contain a heap overflow via the setup_call function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file.

Action-Not Available
Vendor-kanakan/akanaka
Product-wacn/awac
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-2700
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.07% / 20.32%
||
7 Day CHG~0.00%
Published-06 Sep, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-28564
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 00:00
Updated-28 Mar, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format.

Action-Not Available
Vendor-freeimage_projectn/afreeimage_project
Product-freeimagen/afreeimage
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-25580
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 22.23%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-30 Jun, 2025 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

Action-Not Available
Vendor-qtn/a
Product-qtn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23079
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 5.42%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 00:00
Updated-31 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-24022
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.94%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 10:32
Updated-25 Oct, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the `diagnose system geoip-city` command with a large ip value.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortimanagerFortinet FortiAnalyzer, FortiManager
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-22305
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.03% / 5.79%
||
7 Day CHG~0.00%
Published-06 Feb, 2021 | 02:20
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30mate_30_firmwareHUAWEI Mate 30
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-9240
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.13%
||
7 Day CHG~0.00%
Published-12 Oct, 2020 | 14:05
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-taurus-an00b_firmwaretaurus-an00bTaurus-AN00B
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2009-1186
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.09% / 25.82%
||
7 Day CHG~0.00%
Published-17 Apr, 2009 | 14:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

Action-Not Available
Vendor-udev_projectn/aSUSEDebian GNU/LinuxFedora ProjectopenSUSECanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxopensusefedoralinux_enterprise_debuginfoudevlinux_enterprise_desktopn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-50246
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-13 Dec, 2023 | 20:43
Updated-25 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c

jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue.

Action-Not Available
Vendor-jqlangjqlang
Product-jqjq
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53425
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 8.55%
||
7 Day CHG~0.00%
Published-21 Nov, 2024 | 00:00
Updated-13 Jun, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.

Action-Not Available
Vendor-assimpn/aassimp
Product-assimpn/aassimp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-8668
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.16% / 37.11%
||
7 Day CHG~0.00%
Published-04 Nov, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.

Action-Not Available
Vendor-n/aQEMUopenSUSE
Product-leapqemun/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-50821
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 08:34
Updated-26 Feb, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC WinCC Runtime Professional V19SIMATIC WinCC V7.5SIMATIC WinCC Runtime Professional V18SIMATIC WinCC V8.0SIMATIC PCS 7 V9.1SIMATIC WinCC Runtime Professional V17
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-45184
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 10.22%
||
7 Day CHG~0.00%
Published-11 Oct, 2024 | 00:00
Updated-17 Jun, 2025 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_990_firmwareexynos_1480exynos_2400_firmwareexynos_2100_firmwareexynos_1280exynos_9825_firmwareexynos_1380_firmwareexynos_w920exynos_980_firmwareexynos_1080exynos_1330_firmwareexynos_9825exynos_1280_firmwareexynos_1380exynos_w920_firmwareexynos_modem_5123exynos_2400exynos_980exynos_9820_firmwareexynos_850exynos_9820exynos_9110_firmwareexynos_modem_5300_firmwareexynos_1080_firmwareexynos_2200_firmwareexynos_990exynos_2100exynos_w930_firmwareexynos_modem_5123_firmwareexynos_modem_5300exynos_w930exynos_850_firmwareexynos_1330exynos_9110exynos_1480_firmwareexynos_2200n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.01% / 1.10%
||
7 Day CHG~0.00%
Published-21 Nov, 2024 | 00:00
Updated-26 Nov, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function.

Action-Not Available
Vendor-n/antop
Product-n/antopng
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-6834
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.12% / 30.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-47990
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.21%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 18:19
Updated-03 Apr, 2025 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556.  

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-7422
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.09% / 27.16%
||
7 Day CHG~0.00%
Published-10 Dec, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.openSUSE
Product-enterprise_linuxvirtualizationqemuleapopenstackn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-6490
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.08% / 24.25%
||
7 Day CHG~0.00%
Published-10 Dec, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-21742
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-6.2||MEDIUM
EPSS-0.11% / 30.32%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 05:30
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Realtek USB FE/1GbE/2.5GbE/5GbE NIC Family - Buffer Overflow

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.

Action-Not Available
Vendor-Realtek Semiconductor Corp.
Product-rtl8153brtl8156rtl8154b_firmwarertl8153_firmwarertl8154_firmwarertl8152b_firmwarertl8154rtl8154brtl8152brtl8156b_firmwarertl8156_firmwarertl8156brtl8153b_firmwarertl8153USB FE/1GbE/2.5GbE/5GbE NIC Family
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-31712
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 05:50
Updated-10 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t9300sc9863at8300sc7731et820t616t750t310t770t618t612t765t760s8000sc9832eandroidt606t610SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000/T8300/T9300
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-29210
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.25%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 23:25
Updated-23 Apr, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow due to incorrect hash function in TensorFlow

TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30552
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 27.23%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 12:32
Updated-03 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Das U-Boot 2022.01 has a Buffer Overflow.

Action-Not Available
Vendor-denxn/a
Product-u-bootn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-29481
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 6.60%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 00:00
Updated-15 Apr, 2025 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.

Action-Not Available
Vendor-libbpf_projectn/a
Product-libbpfn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-29482
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 6.60%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 00:00
Updated-15 Apr, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265.

Action-Not Available
Vendor-strukturn/a
Product-libheifn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-27242
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.63%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

Action-Not Available
Vendor-Siemens AG
Product-openv2gOpenV2G
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-24956
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.03% / 6.77%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

Action-Not Available
Vendor-Siemens AG
Product-OpenV2G
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found