Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-13646

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Jun, 2020 | 20:46
Updated At-04 Aug, 2024 | 12:25
Rejected At-
Credits

In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Jun, 2020 | 20:46
Updated At:04 Aug, 2024 | 12:25
Rejected At:
▼CVE Numbering Authority (CNA)

In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/y5s5k5/CVE-2020-13646
x_refsource_MISC
Hyperlink: https://github.com/y5s5k5/CVE-2020-13646
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/y5s5k5/CVE-2020-13646
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/y5s5k5/CVE-2020-13646
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Jun, 2020 | 21:15
Updated At:15 Jun, 2020 | 20:15

In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.06.1MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.1
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:C
CPE Matches
ijinshan
ijinshan
>>cheetah_free_wifi>>5.1
cpe:2.3:a:ijinshan:cheetah_free_wifi:5.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/y5s5k5/CVE-2020-13646cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://github.com/y5s5k5/CVE-2020-13646
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

506Records found
CVE-2023-21558
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.10%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Error Reporting Service Elevation of Privilege Vulnerability

Windows Error Reporting Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21092
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of System App due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242040055

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20960
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.43%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-250589026

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21656
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.49%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WLAN HOST

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresm7325-ae_firmwaresa6150p_firmwareqcs610qca8337qam8775pwcd9360_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresa6155sm8350csra6620_firmwarecsra6640_firmwarewcn685x-1sm7350-ab_firmwaresm4375wcn3998qca6554a_firmwareqam8295pwcn3950qcn6024_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-adwcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresm6225-ad_firmwareqca6698aqsa4155p_firmwaresa8155_firmwarewcd9340sw5100qca6436sa6155pqca6698aq_firmwarewcn685x-1_firmwarewcd9341qam8775p_firmwaresa8255pqca6696_firmwareqca6797aqsm4350_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sm4250-aa_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresa8295p_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psdm429wsw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429qca6574snapdragon_7c\+_gen_3_computewcd9380qcs410sxr1230pwcd9335_firmwarewcn3980qcc2073_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815qca6320sdm429_firmwareqca6426_firmwaresm4450wcn3660b_firmwaresd835qcn9024wcn3980_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemsm8350_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwarewsa8832sw5100p_firmwareqcs610_firmwaresa6145pqcs4490qca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresa8155pcsra6640sm8250ssg2115p_firmwareqam8255psa4155par8035_firmwarewcn3991_firmwarewsa8830sa8145p_firmwaresxr2230p_firmwareqam8650pwcn785x-5csrb31024csra6620qca6390_firmwaresnapdragon_auto_4g_modem_firmwarewcd9370ssg2115pqca6426qca6584au_firmwarewcn3990_firmwaresm8450sm8250-abwcd9385_firmwarewcd9326_firmwareqam8295p_firmwaresm7325-afsa8155qca6320_firmwaresnapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwaresdx55_firmwareqca6595ausm7325-af_firmwareqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwaresm6225qcs6490qcs8550_firmwaresm8250_firmwaresm8250-acwcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm4375_firmwaresm8450_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9326wcd9335qca8081qcm4490wcd9385sxr2130_firmwareqcs6490_firmwareqca6390ar8035wcd9375wcn3620_firmwareqcm6490wsa8815_firmwarewsa8835_firmwarewcn3620sm7350-absa4150pwcn785x-1qcm4325wcn3990qca6554asd865_5gqca6595sm8350-ac_firmwaresnapdragon_835_mobile_pc_platformsd888wsa8835sxr1230p_firmwaresdm429w_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gssg2125p_firmwaresxr2130qca6574asmart_audio_400_platformwcn685x-5_firmwaresm7325pqca6310_firmwaresm7325wcn6750qcc2076_firmwareqca6574_firmwaresm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6175aqca6574a_firmwarewcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwareqcm4490_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwarewcn685x-5sm6225_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarewsa8810snapdragon_ar2_gen_1_platformsd835_firmwaresm8350-acqam8650p_firmwarewcn6740qca6696qcs8550sm4350sa6150pqcn6024qcc2076sw5100_firmwareqcs410_firmwareqcc2073qca6175a_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21439
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 12.44%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 00:00
Updated-24 Mar, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-1577
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.00%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 20:29
Updated-01 Aug, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Driver Managerdrivers_management
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1480
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-9.59% / 92.56%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:07
Updated-08 Nov, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Software Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanagecatalyst_sd-wan_managerCisco SD-WAN Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0154
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.75%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5xeon_e5-2650l_v4xeon_e-2286gxeon_e7-4820_v4xeon_e5-1650_v4_firmwarexeon_e5-2603_v4_firmwarexeon_e3-1240_v6_firmwarecore_i9-7900xxeon_d-2733nt_firmwarexeon_d-1548xeon_d-1622_firmwarexeon_e3-1220_v5core_i7-7820x_firmwarexeon_e-2174g_firmwarexeon_d-1633nxeon_d-1527_firmwarexeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_d-1653nxeon_e3-1578l_v5_firmwarexeon_d-2145nt_firmwarexeon_e-2246gxeon_d-2173it_firmwarexeon_e5-2637_v4xeon_d-1633n_firmwarecore_i9-7920xcore_i9-9960xxeon_d-1513n_firmwarexeon_e3-1230_v6core_i9-7960x_firmwarexeon_e-2374gxeon_d-1749nt_firmwarexeon_e3-1501l_v6xeon_e-2254ml_firmwarexeon_e7-4809_v4_firmwarexeon_e-2378xeon_e7-8867_v4xeon_d-1557_firmwarexeon_e5-2630_v4_firmwarexeon_e-2236xeon_e3-1220_v5_firmwarecore_i7-7820xcore_i7-3970x_firmwarexeon_e5-2699r_v4_firmwarexeon_e-2374g_firmwarexeon_e5-4640_v4xeon_d-1747nte_firmwarexeon_d-2163it_firmwarecore_i5-7640xcore_i7-7800xxeon_d-1531xeon_d-1726_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarexeon_e7-8891_v4xeon_e-2278g_firmwarexeon_e3-1240_v6core_i9-9920xxeon_e3-1230_v5xeon_e3-1240_v5_firmwarexeon_e-2278gexeon_d-1533n_firmwarexeon_e3-1545m_v5_firmwarexeon_e5-2650_v4_firmwarexeon_d-2146nt_firmwarexeon_d-2177ntxeon_e5-2630l_v4_firmwarexeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarexeon_e7-8894_v4xeon_d-2786nte_firmwarexeon_d-1518_firmwarexeon_e3-1505l_v6xeon_e-2254me_firmwarexeon_e5-4650_v4xeon_e-2236_firmwarexeon_d-2775te_firmwarexeon_e5-2680_v4_firmwarexeon_e-2244g_firmwarexeon_d-1571_firmwarexeon_e5-2660_v4xeon_d-1715ter_firmwarexeon_e-2126gcore_i7-6900k_firmwarexeon_e7-8893_v4_firmwarexeon_e5-4650_v4_firmwarexeon_e3-1285_v6xeon_e3-1505l_v6_firmwarexeon_e5-4627_v4core_i7-4940mxxeon_e-2276mlxeon_e5-4610_v4_firmwarexeon_e3-1235l_v5xeon_e5-1630_v4xeon_e3-1225_v5_firmwarexeon_e3-1245_v6_firmwarecore_i9-10920x_firmwarecore_i9-10940xxeon_d-2796texeon_d-1541_firmwarexeon_e3-1270_v6core_i7-5820k_firmwarecore_i9-10900xxeon_e3-1545m_v5xeon_d-1577_firmwarexeon_d-1531_firmwarexeon_e-2334_firmwarexeon_e3-1515m_v5_firmwarexeon_d-2142itxeon_e-2276me_firmwarexeon_d-1748texeon_e7-8891_v4_firmwarexeon_e5-2699r_v4xeon_d-2187ntxeon_d-2775texeon_e5-2640_v4_firmwarexeon_d-1518core_i7-9800xcore_i7-6800k_firmwarexeon_e-2136_firmwarexeon_d-1726xeon_d-1735tr_firmwarexeon_e5-2648l_v4xeon_e-2276mecore_i7-3820_firmwarexeon_e-2146gcore_i7-6950xxeon_e5-4620_v4xeon_d-2752nte_firmwarexeon_e7-8870_v4xeon_d-2796nt_firmwarexeon_e7-8880_v4_firmwarexeon_d-1637xeon_e-2356g_firmwarexeon_e5-4660_v4xeon_e-2146g_firmwarexeon_e5-2698_v4core_i7-3970xxeon_e-2286g_firmwarexeon_e3-1515m_v5xeon_d-1539_firmwarecore_i7-3960xcore_i7-6800kxeon_d-1718txeon_e-2126g_firmwarexeon_d-2753nt_firmwarexeon_d-1602xeon_e5-4655_v4core_i7-4820kxeon_d-1533nxeon_d-1529_firmwarexeon_e3-1260l_v5_firmwarexeon_d-2799xeon_e3-1240l_v5xeon_e-2136xeon_e5-4640_v4_firmwarexeon_e-2378_firmwarexeon_d-1712trcore_i9-9940x_firmwarexeon_d-2145ntxeon_e5-2697a_v4xeon_d-1736_firmwarexeon_e-2288g_firmwarexeon_e-2276mxeon_e-2224gxeon_d-2173itxeon_d-2766ntxeon_d-2161ixeon_d-2163itxeon_e5-1620_v4xeon_e5-4669_v4core_i7-3930kxeon_d-2123itxeon_e5-2609_v4_firmwarexeon_e3-1505m_v5xeon_d-1623nxeon_e3-1535m_v6_firmwarecore_i7-4960x_firmwarecore_i7-4820k_firmwarexeon_d-1521xeon_e5-2628l_v4xeon_d-1722nexeon_e5-2650_v4xeon_e7-4820_v4_firmwarexeon_d-2776ntcore_i7-3820xeon_d-2161i_firmwarexeon_e-2144g_firmwarexeon_e5-2687w_v4_firmwarexeon_d-1713nt_firmwarexeon_e3-1585l_v5xeon_e-2378g_firmwarecore_i7-3940xmxeon_e3-1275_v5xeon_e5-4610_v4xeon_e-2246g_firmwarexeon_e5-2658_v4xeon_e5-1630_v4_firmwarexeon_e-2388gxeon_e3-1558l_v5_firmwarexeon_e5-4620_v4_firmwarexeon_d-2786ntexeon_d-1537_firmwarexeon_e-2226gxeon_d-2796te_firmwarecore_i7-3920xmxeon_e-2226ge_firmwarexeon_d-2143itxeon_e-2226gexeon_e3-1225_v6_firmwarexeon_d-2753ntxeon_e-2278gxeon_d-1540_firmwarexeon_e7-8890_v4_firmwarexeon_e5-2683_v4_firmwarecore_i7-5930k_firmwarexeon_e-2124xeon_e-2186g_firmwarexeon_d-1553n_firmwarexeon_e5-2695_v4core_i9-7980xe_firmwarexeon_d-2177nt_firmwarecore_i7-3940xm_firmwarecore_i7-3930k_firmwarexeon_e3-1270_v5_firmwarecore_i9-10920xxeon_d-2798ntxeon_e5-2667_v4_firmwarexeon_d-1712tr_firmwarexeon_e3-1240l_v5_firmwarexeon_e7-8860_v4_firmwarecore_i7-6950x_firmwarexeon_e3-1501l_v6_firmwarexeon_e5-1660_v4_firmwarexeon_e3-1260l_v5xeon_d-1739_firmwarexeon_e-2386gxeon_d-1736xeon_d-2738xeon_d-1567_firmwarexeon_e5-2683_v4xeon_e-2134xeon_d-1733nt_firmwarexeon_e-2388g_firmwarexeon_d-1749ntcore_i9-9820x_firmwarexeon_d-2142it_firmwarexeon_e-2336xeon_d-1627xeon_e3-1575m_v5_firmwarexeon_d-2779_firmwarexeon_e3-1225_v5xeon_e-2186mxeon_d-1602_firmwarexeon_e3-1558l_v5xeon_e-2176mxeon_d-2733ntxeon_e-2286mxeon_d-1559_firmwarecore_i7-4930mx_firmwarexeon_d-1623n_firmwarexeon_d-1702xeon_e-2274gxeon_d-1722ne_firmwarexeon_e5-2630l_v4xeon_e7-8893_v4xeon_e7-4830_v4xeon_e5-2699_v4_firmwarexeon_e-2134_firmwarexeon_e5-4669_v4_firmwarexeon_e5-4667_v4xeon_d-1528_firmwarexeon_d-2795ntxeon_e5-4628l_v4xeon_d-1732te_firmwarecore_i5-7640x_firmwarexeon_d-2779xeon_e3-1268l_v5xeon_e-2226g_firmwarexeon_d-1529xeon_e5-1650_v4core_i9-7960xcore_i7-5930kxeon_e-2324g_firmwarexeon_d-1715terxeon_d-1559xeon_e-2278ge_firmwarexeon_e-2174gxeon_e3-1535m_v6xeon_e3-1220_v6xeon_e3-1585_v5_firmwarecore_i9-9820xxeon_e-2276m_firmwarexeon_d-1537xeon_d-1714xeon_e7-4850_v4xeon_d-1567xeon_e3-1220_v6_firmwarexeon_e7-4850_v4_firmwarexeon_e-2286m_firmwarexeon_e3-1501m_v6_firmwarexeon_e3-1245_v5xeon_d-1734nt_firmwarexeon_d-2141ixeon_e-2176gxeon_e-2288gcore_i7-3920xm_firmwarexeon_e-2274g_firmwarexeon_d-2141i_firmwarexeon_e3-1225_v6core_i7-6850k_firmwarecore_i7-3960x_firmwarexeon_e3-1280_v6xeon_e7-8880_v4xeon_e-2176g_firmwarexeon_d-2752ntexeon_d-2776nt_firmwarexeon_e-2254mlxeon_e-2124g_firmwarexeon_e5-2667_v4xeon_d-1734ntxeon_e5-2695_v4_firmwarexeon_e-2224_firmwarexeon_e5-4655_v4_firmwarexeon_e5-2608l_v4_firmwarexeon_d-1649nxeon_e7-8890_v4xeon_e5-2609_v4xeon_d-1540xeon_d-1736nt_firmwarexeon_d-2712t_firmwarexeon_d-1513ncore_i7-9800x_firmwarexeon_d-2183itxeon_d-2123it_firmwarexeon_e3-1275_v6_firmwarecore_i7-5960x_firmwarexeon_e-2224g_firmwarecore_i9-7940x_firmwarexeon_e5-2643_v4_firmwarexeon_d-1527xeon_e3-1505m_v6xeon_e7-8860_v4core_i9-9940xxeon_d-2712txeon_e5-2690_v4xeon_d-1649n_firmwarecore_i9-9980xe_firmwarexeon_e3-1535m_v5core_i9-9900xxeon_e5-2650l_v4_firmwarecore_i9-7940xxeon_e5-2699a_v4_firmwarecore_i9-7900x_firmwarexeon_e3-1505m_v6_firmwarexeon_e7-8870_v4_firmwarexeon_e-2254mexeon_d-1523nxeon_e3-1505l_v5core_i9-9900x_firmwarexeon_e7-4830_v4_firmwarexeon_d-1748te_firmwarexeon_e5-4667_v4_firmwarexeon_e5-2618l_v4xeon_d-1520xeon_d-2187nt_firmwarexeon_e3-1280_v6_firmwarecore_i7-7800x_firmwarexeon_e5-2699_v4xeon_e5-2603_v4xeon_d-2146ntxeon_e-2144gxeon_d-1713ntxeon_d-1543nxeon_e3-1270_v6_firmwarexeon_d-2752terxeon_d-1541xeon_d-1543n_firmwarexeon_e-2244gxeon_e7-8867_v4_firmwarexeon_d-2799_firmwarexeon_e3-1245_v5_firmwarexeon_d-1732texeon_d-1622xeon_d-1520_firmwarexeon_e5-2640_v4xeon_e5-4660_v4_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4_firmwarexeon_e3-1235l_v5_firmwarecore_i7-7740xxeon_d-2795nt_firmwarexeon_d-1713nte_firmwarexeon_e5-2637_v4_firmwarexeon_e5-2660_v4_firmwarexeon_e3-1575m_v5xeon_e-2124gcore_i9-9920x_firmwarexeon_e5-2687w_v4core_i7-4930kcore_i9-10980xe_firmwarecore_i7-4960xcore_i7-5960xxeon_d-1521_firmwarexeon_e3-1285_v6_firmwarecore_i7-5820kcore_i9-7920x_firmwarexeon_e-2356gcore_i7-6900kcore_i9-9980xexeon_d-1557xeon_e5-2623_v4xeon_d-2796ntxeon_e3-1240_v5xeon_e3-1585l_v5_firmwarexeon_e-2336_firmwarexeon_d-1713ntexeon_e3-1585_v5xeon_d-1739xeon_e-2334xeon_d-2752ter_firmwarexeon_d-1637_firmwarexeon_d-1577xeon_e3-1501m_v6xeon_d-1735trxeon_d-2766nt_firmwarecore_i7-4930k_firmwarecore_i9-10980xexeon_e3-1505l_v5_firmwarexeon_e-2314xeon_e3-1535m_v5_firmwarexeon_e5-2690_v4_firmwarexeon_d-2166ntxeon_e3-1280_v5_firmwarexeon_e5-2608l_v4xeon_e5-2697_v4xeon_e-2186gxeon_e-2314_firmwarexeon_d-1539xeon_e5-4627_v4_firmwarexeon_e5-2658_v4_firmwarexeon_d-1718t_firmwarexeon_e5-2648l_v4_firmwarexeon_e3-1280_v5xeon_e5-1680_v4_firmwarecore_i9-10900x_firmwarecore_i7-4930mxxeon_e5-2630_v4xeon_e7-4809_v4xeon_d-1746ter_firmwarexeon_e5-2620_v4xeon_d-2143it_firmwarexeon_e3-1230_v6_firmwarexeon_e3-1275_v6xeon_e3-1565l_v5_firmwarexeon_e5-1660_v4xeon_e5-4628l_v4_firmwarexeon_e5-1680_v4xeon_e-2276g_firmwarexeon_e5-2698_v4_firmwarexeon_d-1627_firmwarexeon_d-1702_firmwarexeon_d-1733ntxeon_e-2224xeon_e5-2618l_v4_firmwarexeon_e-2124_firmwarecore_i7-4940mx_firmwarexeon_d-1653n_firmwarexeon_e5-2623_v4_firmwarexeon_e3-1230_v5_firmwarecore_i9-9960x_firmwarexeon_d-1736ntxeon_e-2278gelxeon_d-1553nxeon_e3-1578l_v5core_i9-10940x_firmwarexeon_e3-1245_v6xeon_e-2378gxeon_d-2798nt_firmwarexeon_e-2234_firmwarexeon_d-1747ntexeon_d-2166nt_firmwarexeon_e5-2699a_v4xeon_d-1523n_firmwarexeon_d-2183it_firmwarecore_i7-6850kxeon_e5-2643_v4xeon_e-2324gxeon_e3-1268l_v5_firmwarexeon_e5-2628l_v4_firmwarecore_i9-7980xexeon_e7-8894_v4_firmwarexeon_e-2276gxeon_e5-2697_v4_firmwarexeon_e3-1270_v5xeon_d-1548_firmwarexeon_d-1746terxeon_e5-1620_v4_firmwarexeon_d-1571xeon_e-2186m_firmwarexeon_d-1528xeon_d-2738_firmwarexeon_e-2234xeon_e5-2620_v4_firmwarecore_i7-7740x_firmwarexeon_d-1714_firmwareIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2020-9855
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 16:17
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-31310
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.17%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-27 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-20
Improper Input Validation
CVE-2024-31959
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.09% / 25.81%
||
7 Day CHG~0.00%
Published-07 Jun, 2024 | 00:00
Updated-26 Jun, 2025 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_2200exynos_2400_firmwareexynos_2200_firmwareexynos_1480exynos_2400exynos_1480_firmwaren/aexynos_2200exynos_1480exynos_2400
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20356
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.89%
||
7 Day CHG+0.01%
Published-09 Aug, 2022 | 20:23
Updated-03 Aug, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-215003903

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3173
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-7.8||HIGH
EPSS-1.16% / 77.74%
||
7 Day CHG+0.94%
Published-16 Jul, 2024 | 22:14
Updated-01 Aug, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChromechrome
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2009-0082
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.81% / 73.22%
||
7 Day CHG~0.00%
Published-10 Mar, 2009 | 20:00
Updated-21 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2003windows_vistawindows_server_2008windows_xpwindows_2000n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-30087
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.53% / 84.84%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 16:59
Updated-16 Jul, 2025 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 21H2Windows Server 2022Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows 11 version 22H3Windows Server 2008 Service Pack 2Windows Server 2016Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2Windows 10 Version 1809Windows Server 2012 R2Windows 11 Version 23H2Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2008 Service Pack 2Windows 10 Version 1607
CWE ID-CWE-20
Improper Input Validation
CVE-2022-46701
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.13%
||
7 Day CHG~0.00%
Published-15 Dec, 2022 | 00:00
Updated-18 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_ostvosipadosmacostvOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-28976
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.04% / 12.41%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 08:01
Updated-21 Jan, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM) repository_manager
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-45770
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.53% / 66.29%
||
7 Day CHG~0.00%
Published-26 Jan, 2023 | 00:00
Updated-31 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation.

Action-Not Available
Vendor-n/aAdGuard (Adguard Software Ltd.)
Product-adguardn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20584
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-18 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20512
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.10%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2022-45469
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-2.2||LOW
EPSS-0.06% / 17.33%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-28240
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-25 Apr, 2024 | 16:37
Updated-22 Jan, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GLPI-Agent's MSI package installation permits local users to change Agent configuration

The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the case the Deploy task is installed, a local malicious user can trigger privilege escalation configuring a malicious server providing its own deploy task payload. GLPI-Agent 1.7.2 contains a patch for this issue. As a workaround, edit GLPI-Agent related key under `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall` and add `SystemComponent` DWORD value setting it to `1` to hide GLPI-Agent from installed applications.

Action-Not Available
Vendor-GLPI Project
Product-glpi_agentglpi-agentglpi_agent
CWE ID-CWE-20
Improper Input Validation
CVE-2024-26173
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.28% / 50.61%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:58
Updated-03 May, 2025 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-20
Improper Input Validation
CVE-2024-26170
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.01% / 82.97%
||
7 Day CHG+0.28%
Published-12 Mar, 2024 | 16:58
Updated-03 May, 2025 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2022_23h2windows_11_22h2windows_11_21h2windows_10_22h2windows_server_2022windows_11_23h2Windows 11 version 22H3Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows 11 version 21H2Windows Server 2022Windows 10 Version 22H2
CWE ID-CWE-20
Improper Input Validation
CVE-2022-42534
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.00%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2024-26002
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.33%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 08:12
Updated-23 Jan, 2025 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHOENIX CONTACT: File ownership manipulation in CHARX Series

An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3150_firmwarecharx_sec-3050charx_sec-3000_firmwarecharx_sec-3100_firmwarecharx_sec-3100charx_sec-3000charx_sec-3150charx_sec-3050_firmwareCHARX SEC-3050CHARX SEC-3000CHARX SEC-3150CHARX SEC-3100charx_sec_3150charx_sec_3050charx_sec_3100charx_sec_3000
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.69%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncOracle CorporationHP Inc.IBM CorporationBroadcom Inc.CA Technologies (Broadcom Inc.)
Product-systemedgeaixvirtual_assurance_for_infrastructure_managerssolarisclient_automationhp-uxlinux_kernelsystems_performance_for_infrastructure_managersuniversal_job_management_agentca_workload_automation_aen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-41942
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.9||HIGH
EPSS-0.07% / 22.27%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-23 Apr, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sourcegraph vulnerable to Comand Injection via gitserver

Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability was caused by a lack of input validation on the host parameter of the `/list-gitolite` endpoint. It was possible to send a crafted request to gitserver that would execute commands inside the container. Successful exploitation requires the ability to send local requests to gitserver. The issue is patched in version 4.1.0.

Action-Not Available
Vendor-sourcegraphsourcegraph
Product-sourcegraphsourcegraph
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-25999
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.19%
||
7 Day CHG+0.02%
Published-12 Mar, 2024 | 08:11
Updated-23 Jan, 2025 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHOENIX CONTACT: Privilege escalation in the OCPP agent service

An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service. 

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3150_firmwarecharx_sec-3050charx_sec-3000_firmwarecharx_sec-3100_firmwarecharx_sec-3100charx_sec-3000charx_sec-3150charx_sec-3050_firmwareCHARX SEC-3050CHARX SEC-3000CHARX SEC-3150CHARX SEC-3100
CWE ID-CWE-20
Improper Input Validation
CVE-2024-23706
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.4||HIGH
EPSS-0.00% / 0.15%
||
7 Day CHG~0.00%
Published-07 May, 2024 | 21:03
Updated-17 Dec, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-20
Improper Input Validation
CVE-2020-27614
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.12%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 00:00
Updated-04 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation.

Action-Not Available
Vendor-anydeskn/a
Product-anydeskn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-38787
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.04% / 8.86%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-stratix_10_sx_650_fpgastratix_10_gx_400_fpga_firmwareagilex_7_fpga_f-series_006_firmwareagilex_7_fpga_i-series_022stratix_10_tx_2500_fpga_firmwarestratix_10_gx_10m_fpga_firmwarestratix_10_sx_1650_fpgastratix_10_gx_2800_fpga_firmwarestratix_10_tx_850_fpga_firmwarestratix_10_tx_1650_fpgastratix_10_gx_850_fpgastratix_10_gx_1660_fpgastratix_10_sx_400_fpga_firmwareagilex_7_fpga_i-series_022_firmwarestratix_10_dx_2100_fpgaagilex_7_fpga_i-series_035_firmwarestratix_10_tx_400_fpga_firmwarestratix_10_mx_2100_fpga_firmwareagilex_7_fpga_m-series_039stratix_10_gx_2500_fpga_firmwarestratix_10_gx_10m_fpgaagilex_7_fpga_f-series_012_firmwareagilex_7_fpga_f-series_023stratix_10_gx_2100_fpga_firmwarestratix_10_tx_1100_fpga_firmwarestratix_10_tx_1650_fpga_firmwareagilex_7_fpga_m-series_039_firmwareagilex_7_fpga_f-series_019_firmwarestratix_10_sx_1100_fpgaagilex_7_fpga_f-series_022stratix_10_tx_2800_fpga_firmwarestratix_10_tx_2800_fpgaagilex_7_fpga_i-series_023_firmwarestratix_10_sx_2500_fpga_firmwarestratix_10_gx_650_fpgaagilex_7_fpga_i-series_041agilex_7_fpga_i-series_040stratix_10_tx_1100_fpgaagilex_7_fpga_f-series_008stratix_10_gx_2100_fpgastratix_10_gx_1650_fpgaagilex_7_fpga_f-series_022_firmwarestratix_10_gx_1100_fpga_firmwarestratix_10_sx_400_fpgastratix_10_dx_1100_fpgastratix_10_sx_1100_fpga_firmwarestratix_10_gx_2110_fpga_firmwareagilex_7_fpga_f-series_027stratix_10_sx_650_fpga_firmwareagilex_7_fpga_i-series_027_firmwareagilex_7_fpga_i-series_027stratix_10_sx_850_fpgastratix_10_nx_2100_fpga_firmwareagilex_7_fpga_f-series_012stratix_10_nx_2100_fpgastratix_10_dx_1100_fpga_firmwareagilex_7_fpga_f-series_008_firmwarestratix_10_sx_850_fpga_firmwarestratix_10_sx_1650_fpga_firmwarestratix_10_gx_400_fpgastratix_10_mx_1650_fpgastratix_10_sx_2100_fpgastratix_10_gx_1660_fpga_firmwarestratix_10_tx_2100_fpga_firmwareagilex_7_fpga_i-series_040_firmwarestratix_10_sx_2800_fpgastratix_10_tx_400_fpgaagilex_7_fpga_i-series_035agilex_7_fpga_i-series_041_firmwareagilex_7_fpga_f-series_006agilex_7_fpga_f-series_027_firmwarestratix_10_tx_2100_fpgastratix_10_gx_650_fpga_firmwareagilex_7_fpga_f-series_014agilex_7_fpga_f-series_014_firmwarestratix_10_tx_2500_fpgaagilex_7_fpga_f-series_023_firmwarestratix_10_gx_1650_fpga_firmwarestratix_10_sx_2100_fpga_firmwarestratix_10_dx_2800_fpga_firmwarestratix_10_dx_2800_fpgastratix_10_tx_850_fpgastratix_10_sx_2500_fpgastratix_10_dx_2100_fpga_firmwareagilex_7_fpga_i-series_019_firmwarestratix_10_gx_850_fpga_firmwareagilex_7_fpga_i-series_019stratix_10_sx_2800_fpga_firmwarestratix_10_gx_1100_fpgaagilex_7_fpga_f-series_019stratix_10_gx_2110_fpgastratix_10_mx_1650_fpga_firmwarestratix_10_gx_2500_fpgaagilex_7_fpga_i-series_023stratix_10_gx_2800_fpgastratix_10_mx_2100_fpgaIntel(R) FPGA products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-1250
Matching Score-4
Assigner-OTRS AG
ShareView Details
Matching Score-4
Assigner-OTRS AG
CVSS Score-7.4||HIGH
EPSS-0.04% / 9.96%
||
7 Day CHG~0.00%
Published-20 Mar, 2023 | 08:20
Updated-26 Feb, 2025 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code execution through ACL creation

Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.

Action-Not Available
Vendor-OTRS AG
Product-otrsOTRS((OTRS)) Community Edition
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-38076
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-3.8||LOW
EPSS-0.09% / 26.02%
||
7 Day CHG+0.02%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-wireless-ac_9461wireless-ac_9560debian_linuxfedorakillerdual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wireless-ac_9462killer_wireless-ac_1550dual_band_wireless-ac_8265uefi_firmwareproset\/wireless_wifiIntel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5340
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.17%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

Action-Not Available
Vendor-n/aGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelandroidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21974
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.05%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:16
Updated-15 Nov, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_ai_softwareAMD Ryzen™ AI Softwareryzen_ai_software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36339
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-cm11ebi58w_firmwarecm8i3cb4ncm11ebc4wcm11ebi38w_firmwarecm8pcb4r_firmwareelm12hbccm8pcb4relm12hbc_firmwareelm12hbi5_firmwareelm12hbi3_firmwarecm11ebi716welm12hbi5elm12hbi3cm8i3cb4n_firmwarecm11ebi716w_firmwarecm8i7cb8n_firmwarecm8i5cb8n_firmwarecm11ebi38wcm8ccb4r_firmwarecm8ccb4rcm8i7cb8nelm12hbi7_firmwareelm12hbi7cm11ebi58wcm11ebc4w_firmwarecm8i5cb8nIntel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5828
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.69%
||
7 Day CHG+0.05%
Published-27 Jun, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxNovellCanonical Ltd.
Product-suse_linux_enterprise_real_time_extensionlinux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34866
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.54%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 06:15
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the product is running.

Action-Not Available
Vendor-yrlYokogawa Rental & Lease Corporation
Product-passage_drive_for_boxpassage_drivePassage Drive
CWE ID-CWE-20
Improper Input Validation
CVE-2022-35415
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.10%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 02:21
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-configuration_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21476
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.82%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Secure Processor

Memory corruption when the channel ID passed by user is not validated and further used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonaqt1000_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_8cx_compute_platform_firmwareqca1062_firmwarewsa8840_firmwareqca6431_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_870_5g_mobile_platform_firmwaresc8180x_firmwarewsa8810_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwaresxr2130_firmwareqca6430_firmwareqca1064_firmwareqca6391_firmwarewcd9385_firmwarewcd9340_firmwarewsa8830_firmwarewsa8845_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwarewsa8835_firmwarefastconnect_6200_firmwaresdx55_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8845h_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwarear8035_firmwareqsm8250_firmwareqca6421_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33708
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-galaxy_storeGalaxy Store
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3388
Matching Score-4
Assigner-Hitachi Energy
ShareView Details
Matching Score-4
Assigner-Hitachi Energy
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.63%
||
7 Day CHG~0.00%
Published-21 Nov, 2022 | 00:00
Updated-23 Jul, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products

An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.

Action-Not Available
Vendor-Hitachi Energy Ltd.
Product-microscada_pro_sys600microscada_x_sys600MicroSCADA Pro SYS600MicroSCADA X SYS600
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33209
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.10%
||
7 Day CHG+0.04%
Published-18 Aug, 2022 | 20:03
Updated-18 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510lapbc710_firmwarelapbc510_firmwarelapbc710Intel(R) NUC Laptop Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33709
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-galaxy_storeGalaxy Store
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-33894
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.40%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i3-9100_firmwarexeon_e-2378gcore_i7-1068ng7core_i5-1035g7core_i3-10105f_firmwarecore_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e-2124g_firmwarecore_i7-9700kfcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_e-2314xeon_e-2254me_firmwarecore_i7-10870h_firmwarecore_i5-8400hxeon_e-2276me_firmwarecore_i5-7y54core_i7-1060g7_firmwarecore_i7-9700core_i5-10200hxeon_e-2226gcore_i9-9900kfcore_i3-10100f_firmwarecore_i5-1035g4core_i5-10400hcore_i3-8145ucore_i7-10700k_firmwarexeon_e-2276m_firmwarecore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i3-10100ycore_i3-7020ucore_i7-9700tecore_i5-10400tcore_i3-8109ucore_i5-10310ucore_i7-7600ucore_i5-9400f_firmwarexeon_e-2224xeon_e-2186m_firmwarecore_i5-7y57_firmwarecore_i7-10700t_firmwarecore_i7-9700f_firmwarecore_i5-9500e_firmwarecore_i3-7100e_firmwarecore_i3-7100ecore_i3-7300xeon_e-2378core_i5-8269u_firmwarexeon_e-2278gexeon_e-2134_firmwarecore_i5-10600_firmwarecore_i3-9100hlcore_i5-10400core_i7-7600u_firmwarecore_i5-8400bcore_i3-9300t_firmwarecore_i7-10610u_firmwarecore_i7-10710u_firmwarecore_i5-10500tecore_i7-7820hkcore_i5-9500_firmwarecore_i5-8400h_firmwarecore_i3-9100tecore_i7-9700fcore_i9-10980hkcore_i5-8600xeon_e-2136core_i7-10510ucore_i7-9700kcore_i5-10400t_firmwarecore_i5-9400_firmwarecore_i7-8500y_firmwarecore_i3-10100ecore_i3-8100core_i7-1060g7core_i9-10900xeon_e-2374g_firmwarecore_i3-7300_firmwarecore_i3-10100tcore_i5-7287u_firmwarecore_i7-7700xeon_e-2386gcore_i9-10900kcore_i3-10325_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kcore_i7-10700te_firmwarexeon_e-2124_firmwarecore_i9-10900fcore_i7-8700k_firmwarecore_i7-8700_firmwarecore_i7-8750hcore_i3-10105t_firmwarecore_i5-8365uxeon_e-2226ge_firmwarecore_i5-9600kfcore_i5-8500b_firmwarecore_i3-10100tecore_i3-7100u_firmwarecore_i5-10400_firmwarecore_i5-7600core_i7-10700fxeon_e-2286mcore_i5-1030g4_firmwarecore_i7-9850he_firmwarecore_i7-8557u_firmwarecore_i7-1068ng7_firmwarecore_i7-10750hcore_i7-7820eq_firmwarexeon_e-2276gcore_i3-8300core_i3-1000g4xeon_e-2186gcore_i5-7267u_firmwarecore_i5-7400txeon_e-2174gcore_i3-7100core_i7-8809gcore_i3-8145uecore_i5-10400h_firmwarecore_i5-7260ucore_i7-8700bcore_i5-10500_firmwarecore_i7-7500u_firmwarecore_i5-7267uxeon_e-2334_firmwarecore_i5-10210ycore_i7-7820hk_firmwarecore_i5-10500ecore_i9-9900kf_firmwarecore_i5-9400tcore_i5-10210u_firmwarecore_i5-9500fcore_i5-8300hcore_i5-8600t_firmwarecore_i5-10600txeon_e-2356gcore_i7-9850hecore_i3-10110ycore_i5-10600kfcore_i3-7300t_firmwarecore_i7-10700ecore_i5-10500h_firmwarecore_i9-9900kscore_i5-9600core_i7-10870hcore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i3-9100fcore_i5-9600kf_firmwarexeon_e-2224_firmwarecore_i7-9750hfcore_i5-9300h_firmwarexeon_e-2274gcore_i7-10700kcore_i5-9500core_i3-9320_firmwarexeon_e-2278gelcore_i3-8145ue_firmwarecore_i5-10500te_firmwarecore_i5-8400b_firmwarecore_i3-8100_firmwarexeon_e-2124core_i9-9880hcore_i7-10710ucore_i5-7287ucore_i7-10700kfcore_i5-8500t_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_e-2136_firmwarexeon_e-2276g_firmwarexeon_e-2276mecore_i7-8565ucore_m3-7y32_firmwarecore_i5-7300hq_firmwarexeon_e-2274g_firmwarecore_i3-10300_firmwarecore_i5-7300hqcore_i7-7560ucore_i7-8706g_firmwarecore_i5-7400t_firmwarecore_i3-8100t_firmwarecore_i5-8259ucore_i9-9900core_i7-10510y_firmwarecore_i3-10100e_firmwarecore_i7-9850hl_firmwarexeon_e-2146g_firmwarecore_i7-8850h_firmwarecore_i5-1038ng7_firmwarecore_i3-8140uxeon_e-2336xeon_e-2388gcore_i7-9700kf_firmwarecore_i3-10105core_i7-9850h_firmwarecore_i3-10100te_firmwarecore_i3-7100_firmwarecore_i5-7600tcore_i9-10900k_firmwarexeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2276ml_firmwarexeon_e-2224gcore_i3-9100tcore_i5-8310y_firmwarexeon_e-2226gecore_i3-10300t_firmwarecore_i5-9300hcore_i9-10900_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarecore_i7-8086k_firmwarecore_i7-10610ucore_i5-10505_firmwarecore_i5-1035g1_firmwarecore_i7-8665u_firmwarexeon_e-2176g_firmwarecore_i3-7167ucore_i5-9400hcore_i7-8500ycore_i7-7567ucore_i9-9900tcore_i3-8145u_firmwarecore_i7-9700e_firmwarecore_i5-10300h_firmwarecore_i7-7660u_firmwarecore_i7-7820hqcore_i5-8210ycore_i7-8750h_firmwarecore_i5-10200h_firmwarecore_i3-7300tcore_i5-7400_firmwarecore_i3-8109u_firmwarecore_i3-8300t_firmwarecore_i7-9700k_firmwarexeon_e-2288g_firmwarecore_i3-9100f_firmwarecore_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e-2176m_firmwarexeon_e-2174g_firmwarecore_i3-10300tcore_i3-7101ecore_i3-8100b_firmwarecore_i9-8950hk_firmwarecore_i5-8500core_i5-9500te_firmwarecore_i5-7600_firmwarecore_i5-8265ucore_i7-10700kf_firmwarexeon_e-2254mecore_i7-9750hxeon_e-2336_firmwarecore_i7-7y75core_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i5-7y57core_i3-10305tcore_i7-10700_firmwarecore_i3-8350kcore_i5-7500tcore_i5-9600k_firmwarecore_i9-9900t_firmwarecore_i3-9100xeon_e-2224g_firmwarexeon_e-2276mcore_i7-7700kcore_i7-8705gcore_i5-9500ecore_i7-8665ucore_i3-8300tcore_i7-7660ucore_i7-8706gxeon_e-2236core_i9-9880h_firmwarecore_i7-10850hxeon_e-2236_firmwarecore_i7-8700t_firmwarexeon_e-2126g_firmwarecore_i7-8700core_i5-10400fcore_i5-8259u_firmwarecore_i7-8665ue_firmwarecore_i3-7130u_firmwarecore_i5-8400core_i7-8705g_firmwarecore_i9-10900te_firmwarecore_i3-10300core_i7-7700tcore_i7-10700tcore_i3-7100tcore_i7-8086kcore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarecore_i5-8257ucore_i5-8365ue_firmwarecore_i7-8700kcore_i5-7200u_firmwarecore_i5-8600k_firmwarecore_i7-10510u_firmwarecore_i5-7442eqxeon_e-2134xeon_e-2226g_firmwarecore_i3-10100_firmwarecore_i5-10505core_i5-1030g7core_i5-7442eq_firmwarecore_i5-10310y_firmwarecore_i7-8569u_firmwarecore_i7\+8700_firmwarexeon_e-2144g_firmwarecore_i3-1000g1core_i7-10510ycore_i5-7360u_firmwarecore_i5-10600kf_firmwarecore_i3-10110ucore_i5-8210y_firmwarecore_i3-9100e_firmwarecore_i5-9600kcore_i3-10305t_firmwarecore_i5-10310u_firmwarecore_i7-7700hqcore_i9-10900f_firmwarecore_i3-9100hl_firmwarecore_i3-10105fcore_i3-8100hcore_i3-9100t_firmwarexeon_e-2386g_firmwarecore_i5-10300hcore_i5-8350ucore_i3-1005g1_firmwarecore_i5-7300uxeon_e-2246gcore_i5-8500tcore_i3-10100y_firmwarecore_i5-7500core_i5-7200ucore_i5-8350u_firmwarecore_i7-8700b_firmwarecore_i9-8950hkcore_i9-10900ecore_i9-10850kcore_i7-7920hqcore_i5-9300hf_firmwarexeon_e-2314_firmwarexeon_e-2254mlcore_i9-9900ks_firmwarecore_i3-9300_firmwarecore_i5-8400tcore_i7-10700core_i3-9100te_firmwarexeon_e-2254ml_firmwarecore_i7-10750h_firmwarexeon_e-2334core_i3-7350k_firmwarecore_i3-10105tcore_i9-10885hcore_i3-10325core_i3-7100hcore_i3-7101te_firmwarecore_i3-9300xeon_e-2276mlcore_i7-10875hxeon_e-2244gcore_i9-9900kcore_i3-9350kf_firmwarexeon_e-2176gxeon_e-2324gcore_i7-8709gcore_i3-10100core_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-1035g7_firmwarecore_i7-10700f_firmwarecore_i5-9400core_m3-8100y_firmwarecore_i3-8100tcore_i7-8557uxeon_e-2278ge_firmwarecore_i5-9500tcore_i5-7500t_firmwarecore_i3-10305_firmwarecore_i7-8700tcore_i5-8260u_firmwarecore_m3-7y32core_i5-7400core_i7-8650ucore_i3-7102e_firmwarecore_m3-7y30_firmwarecore_i9-10900e_firmwarexeon_e-2286m_firmwarecore_i3-7320xeon_e-2378g_firmwarecore_i7-9750h_firmwarexeon_e-2234_firmwarecore_i5-1035g1core_i5-1038ng7core_i7-8565u_firmwarecore_i7-10700e_firmwarexeon_e-2186g_firmwarecore_i5-1035g4_firmwarecore_i3-10110y_firmwarexeon_e-2124gcore_i5-7600t_firmwarecore_i5-8500bcore_i5-8269ucore_i5-7440hq_firmwarecore_i5-1030g4core_i7-10700texeon_e-2288gcore_i3-9100exeon_e-2234core_i5-10500core_i7-8709g_firmwarexeon_e-2356g_firmwarecore_i7-9850hcore_i5-9400fcore_i7-9700t_firmwarecore_i5-10500e_firmwarecore_i5-7440eqcore_i5-8279ucore_i5-8279u_firmwarecore_i3-8130u_firmwarecore_i5-9500f_firmwarecore_i5-10600t_firmwarecore_i5-9300hfcore_i3-7100ucore_i5-10210y_firmwarecore_i3-7101tecore_i3-7350kcore_i5-7600kcore_i5-8250ucore_i3-10305core_i3-8140u_firmwarecore_i3-1000g4_firmwarexeon_e-2126gcore_i7-9700tcore_i3-7100t_firmwarecore_i7-7820eqcore_i7-9850hlcore_i5-7360ucore_i7-8650u_firmwarecore_i5-10600kcore_i3-9350kfxeon_e-2388g_firmwarecore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_m3-8100ycore_i9-10900kfcore_i5-8250u_firmwarexeon_e-2186mcore_i7-9700ecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e-2176mcore_i7-7700hq_firmwarecore_i5-7440eq_firmwarecore_i3-1000g1_firmwarecore_i5-10600k_firmwarecore_i7-9750hf_firmwarecore_i5-10310ycore_i5-8400t_firmwarexeon_e-2286gcore_i5-8365u_firmwarecore_i5-10500hcore_i5-8260ucore_i9-10900t_firmwarecore_i7-10810u_firmwarecore_i3-10100t_firmwarecore_i3-9300txeon_e-2244g_firmwarecore_i7-10810ucore_i5-10400f_firmwarexeon_e-2278gcore_i3-8100h_firmwarecore_i3-10105_firmwarecore_i7-10875h_firmwarexeon_e-2378_firmwarecore_i7-8850hcore_i5-10500t_firmwarecore_i3-7130ucore_i5-8265u_firmwarexeon_e-2374gcore_i3-10100fcore_i3-8300_firmwarecore_i9-9900_firmwarecore_i7-1065g7_firmwarecore_i5-10600core_i7\+8700core_i5-8257u_firmwarecore_i9-10900kf_firmwarecore_m3-7y30core_i3-9350kcore_i5-8500_firmwarecore_i9-10850k_firmwarecore_i5-8365uecore_i7-8665uecore_i7-8809g_firmwarecore_i9-10885h_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarecore_i5-1030g7_firmwarecore_i5-9400h_firmwarecore_i3-10320core_i9-10900tcore_i5-8200ycore_i5-8310ycore_i3-10110u_firmwarexeon_e-2324g_firmwarexeon_e-2278gel_firmwarecore_i5-9500texeon_e-2144gcore_i5-7440hqcore_i5-9500t_firmwarecore_i7-8569ucore_i7-9700te_firmwarecore_i7-7700_firmwarecore_i5-10500tcore_i3-10320_firmwarecore_i3-1005g1core_i3-8100bcore_i5-9600tcore_i3-7020u_firmwarecore_i3-7101e_firmwarecore_i3-9320core_i7-10850h_firmwarecore_i7-1065g7core_i5-9400t_firmwarecore_i9-9980hkcore_i5-8305gcore_i7-8559ucore_i5-8600tcore_i9-10900texeon_e-2146gcore_i9-10980hk_firmwarecore_i7-9700_firmwarecore_i3-8130uIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33704
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:36
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34147
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.40%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc10i7fnhaa_firmwarecm8i3cb4nnuc10i7fnk_firmwarecm8pcb4r_firmwarenuc10i7fnhc_firmwarenuc8i3pnk_firmwarenuc10i3fnhja_firmwarenuc10i3fnhfnuc10i5fnhnnuc10i7fnhccm8i5cb8n_firmwarenuc9i9qn_firmwarenuc10i5fnknuc8i3pnh_firmwarenuc10i3fnkn_firmwarelapqc71d_firmwarenuc10i5fnhja_firmwarenuc10i7fnkpanuc10i7fnh_firmwarenuc10i3fnhnuc10i5fnkpnuc10i5fnhjnuc10i7fnhnnuc10i3fnkcm8pcb4rnuc10i5fnkpa_firmwarenuc8i3pnknuc10i5fnkpanuc10i3fnk_firmwarenuc10i5fnh_firmwarelapqc71b_firmwarecm8i3cb4n_firmwarenuc10i3fnhncm8i7cb8n_firmwarelapqc71acm8ccb4r_firmwarelapqc71c_firmwarenuc10i7fnhjacm8i7cb8nlapqc71bnuc10i7fnkpa_firmwarenuc9i5qnnuc10i5fnhfnuc10i3fnhfanuc10i5fnhj_firmwarenuc10i7fnkn_firmwarenuc10i5fnhnuc9i7qnlapqc71dnuc10i7fnknnuc10i5fnhca_firmwarenuc10i5fnknnuc10i5fnkp_firmwarenuc10i7fnhnuc8i3pnb_firmwarenuc8i3pnbnuc9i5qn_firmwarenuc10i3fnknnuc10i3fnhfa_firmwarenuc9i7qn_firmwarenuc10i7fnhaanuc10i5fnhf_firmwarenuc8i3pnhnuc10i5fnhn_firmwarenuc10i5fnk_firmwarelapqc71cnuc10i7fnknuc10i7fnkpnuc10i7fnhn_firmwarenuc10i3fnhn_firmwarecm8ccb4rnuc10i5fnkn_firmwarenuc10i3fnhf_firmwarenuc10i7fnkp_firmwarenuc10i3fnhjanuc9i9qnlapqc71a_firmwarenuc10i5fnhjanuc10i5fnhcanuc10i7fnhja_firmwarenuc10i3fnh_firmwarecm8i5cb8nIntel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34443
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:19
Updated-27 Mar, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-rugged_control_centerRugged Control Center (RCC)
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21315
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.46%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:02
Updated-03 May, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability

Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2022_23h2windows_server_2016windows_10_1809windows_server_2012defender_for_endpointwindows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Microsoft Defender for Endpoint for Windows
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found