Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-1619

Summary
Assigner-juniper
Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968
Published At-08 Apr, 2020 | 19:25
Updated At-17 Sep, 2024 | 02:27
Rejected At-
Credits

Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulnerability in NG-RE.

A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K Series with NG-RE, EX9200 Series with NG-RE, MX Series with NG-RE and PTX Series with NG-RE; which uses vmhost. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S4; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2. To identify whether the device has NG-RE with vmhost, customer can run the following command: > show vmhost status Compute cluster: rainier-re-cc Compute Node: rainier-re-cn, Online If the "show vmhost status" is not supported, then the device does not have NG-RE with vmhost.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:juniper
Assigner Org ID:8cbe9d5a-a066-4c94-8978-4b15efeae968
Published At:08 Apr, 2020 | 19:25
Updated At:17 Sep, 2024 | 02:27
Rejected At:
▼CVE Numbering Authority (CNA)
Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulnerability in NG-RE.

A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K Series with NG-RE, EX9200 Series with NG-RE, MX Series with NG-RE and PTX Series with NG-RE; which uses vmhost. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S4; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2. To identify whether the device has NG-RE with vmhost, customer can run the following command: > show vmhost status Compute cluster: rainier-re-cc Compute Node: rainier-re-cn, Online If the "show vmhost status" is not supported, then the device does not have NG-RE with vmhost.

Affected Products
Vendor
Juniper Networks, Inc.Juniper Networks
Product
Junos OS
Platforms
  • QFX10K Series, EX9200 Series, MX Series, PTX Series
Versions
Affected
  • From 16.1 before 16.1R7-S6 (custom)
  • From 16.2 before 16.2R2-S11 (custom)
  • From 17.1 before 17.1R2-S11, 17.1R3 (custom)
  • From 17.2 before 17.2R1-S9, 17.2R3-S3 (custom)
    • -> affectedfrom17.2R2
  • From 17.3 before 17.3R2-S5, 17.3R3-S7 (custom)
  • From 17.4 before 17.4R2-S7, 17.4R3 (custom)
  • From 18.1 before 18.1R3-S4 (custom)
  • From 18.2 before 18.2R3 (custom)
  • From 18.2X75 before 18.2X75-D50 (custom)
  • From 18.3 before 18.3R2 (custom)
  • From 18.4 before 18.4R2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-264CWE-264 Permissions, Privileges, and Access Controls
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-264
Description: CWE-264 Permissions, Privileges, and Access Controls
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The following software releases have been updated to resolve this specific issue: 16.1R7-S6, 16.2R2-S11, 17.1R2-S11, 17.1R3, 17.2R1-S9, 17.2R3-S3, 17.3R2-S5, 17.3R3-S7, 17.4R2-S7, 17.4R3, 18.1R3-S4, 18.2R3, 18.2X75-D50, 18.3R2, 18.4R2, 19.1R1 and all subsequent releases.

Configurations
Workarounds

There are no available workarounds for this issue.

Exploits

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA11002
x_refsource_CONFIRM
Hyperlink: https://kb.juniper.net/JSA11002
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA11002
x_refsource_CONFIRM
x_transferred
Hyperlink: https://kb.juniper.net/JSA11002
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:sirt@juniper.net
Published At:08 Apr, 2020 | 20:15
Updated At:22 Nov, 2021 | 15:54

A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K Series with NG-RE, EX9200 Series with NG-RE, MX Series with NG-RE and PTX Series with NG-RE; which uses vmhost. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S4; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2. To identify whether the device has NG-RE with vmhost, customer can run the following command: > show vmhost status Compute cluster: rainier-re-cc Compute Node: rainier-re-cn, Online If the "show vmhost status" is not supported, then the device does not have NG-RE with vmhost.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r3-s10:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r3-s11:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4-s12:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r4-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r6-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r7-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r7-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r7-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.1
cpe:2.3:o:juniper:junos:16.1:r7-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s10:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s7:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s8:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>16.2
cpe:2.3:o:juniper:junos:16.2:r2-s9:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s10:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s3:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s4:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s5:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s6:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s8:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.1
cpe:2.3:o:juniper:junos:17.1:r2-s9:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.2
cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.2
cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.2
cpe:2.3:o:juniper:junos:17.2:r1-s1:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.2
cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>17.2
cpe:2.3:o:juniper:junos:17.2:r1-s3:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-20Secondarysirt@juniper.net
CWE-264Secondarysirt@juniper.net
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: sirt@juniper.net
CWE ID: CWE-264
Type: Secondary
Source: sirt@juniper.net
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kb.juniper.net/JSA11002sirt@juniper.net
Vendor Advisory
Hyperlink: https://kb.juniper.net/JSA11002
Source: sirt@juniper.net
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

592Records found
CVE-2018-0051
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.24%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 18:00
Updated-16 Sep, 2024 | 23:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow daemon (flowd) related to SIP ALG

A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0062
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.49% / 64.45%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 18:00
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Denial of Service in J-Web

A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-qfx5200ex2300junosqfx5110qfx10000nfx_seriesex3400Junos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1257
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.61% / 68.72%
||
7 Day CHG~0.00%
Published-15 Jan, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-0026
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-21 Jun, 2023 | 00:00
Updated-06 Dec, 2024 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
2023-06: Out-of-Cycle Security Bulletin: Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO; 21.3 versions prior to 21.3R3-S5-EVO; 21.4 versions prior to 21.4R3-S4-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.1 versions prior to 23.1R1-S1-EVO, 23.1R2-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OSJunos OS Evolved
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7748
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.52% / 65.70%
||
7 Day CHG~0.00%
Published-19 Oct, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper chassis with Trio (Trinity) chipset line cards and Junos OS 13.3 before 13.3R8, 14.1 before 14.1R6, 14.2 before 14.2R5, and 15.1 before 15.1R2 allow remote attackers to cause a denial of service (MPC line card crash) via a crafted uBFD packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5369
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.38% / 58.42%
||
7 Day CHG~0.00%
Published-11 Aug, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-pulse_connect_securemag_pcs360pcs6000pcs6500n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3004
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 48.40%
||
7 Day CHG~0.00%
Published-10 Apr, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6618
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-8.86% / 92.19%
||
7 Day CHG~0.00%
Published-05 Nov, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-2340
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.41% / 60.61%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 prior to 16.1R3, on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured, a vulnerability in processing IPv6 ND packets originating from subscribers and destined to M/MX series routers can result in a PFE (Packet Forwarding Engine) hang or crash.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0278
Matching Score-6
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Juniper Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-0.17% / 38.32%
||
7 Day CHG~0.00%
Published-15 Jul, 2021 | 20:00
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5780
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.99%
||
7 Day CHG~0.00%
Published-19 Feb, 2019 | 17:00
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Apple Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationfedoramacosenterprise_linux_desktopChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2007-0436
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 21.75%
||
7 Day CHG~0.00%
Published-04 Feb, 2007 | 00:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS1472) in X-Kryptor Secure Client does not drop privileges when launching an Explorer window in response to a help command, which allows local users to gain LocalSystem privileges via interactive use of Explorer.

Action-Not Available
Vendor-barron_mccannn/a
Product-installx-kryptor_secure_clientx-kryptor_driverxgntrn/a
CWE ID-CWE-264
Not Available
CVE-2007-0843
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-23 Feb, 2007 | 00:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2003_serverwindows_xpwindows_vistawindows_2000n/a
CWE ID-CWE-264
Not Available
CVE-2013-6049
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.46%
||
7 Day CHG~0.00%
Published-20 Oct, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors.

Action-Not Available
Vendor-apt-listbugs_projectn/aDebian GNU/Linux
Product-apt-listbugsdebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6650
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.81%
||
7 Day CHG~0.00%
Published-22 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86771.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_5548upnexus_5596upnexus_5624qnexus_5596tnexus_5696qnexus_5672up-16gnx-osnexus_5648qnexus_5672upnexus_56128pCisco Nexus Series Switches
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2017-7218
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.49%
||
7 Day CHG~0.00%
Published-14 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6649
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.81%
||
7 Day CHG~0.00%
Published-22 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86787, CSCve60516, CSCve60555.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_5548upnexus_5596upnexus_5624qnexus_5596tnexus_5696qnexus_5672up-16gnx-osnexus_5648qnexus_5672upnexus_56128pCisco Nexus Series Switches
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2017-6773
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.75%
||
7 Day CHG~0.00%
Published-17 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient input sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by crafting a script on the device that will allow them to bypass built-in restrictions. An exploit could allow the unauthorized user to launch the CLI directly from a command shell. Cisco Bug IDs: CSCvd47722. Known Affected Releases: 21.0.v0.65839.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_5000_softwareStarOS for ASR 5000 Series Aggregated Services Routers
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6261
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-8.2||HIGH
EPSS-0.07% / 20.71%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 13:18
Updated-05 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NVIDIA’s Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosure

NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosure.

Action-Not Available
Vendor-NVIDIA Corporation
Product-vibrante_linuxNVIDIA Vibrante Linux
CWE ID-CWE-693
Protection Mechanism Failure
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6345
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.53%
||
7 Day CHG~0.00%
Published-01 Mar, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6256
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.62%
||
7 Day CHG~0.00%
Published-28 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or potential escalation of privileges.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-gpu_driverwindowsNVIDIA Windows GPU Display Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2006-6383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 33.72%
||
7 Day CHG~0.00%
Published-10 Dec, 2006 | 20:00
Updated-07 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.

Action-Not Available
Vendor-n/aThe PHP Group
Product-phpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-44454
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-20
Improper Input Validation
CVE-2024-47238
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 7.86%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 17:38
Updated-04 Feb, 2025 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Action-Not Available
Vendor-Dell Inc.
Product-edge_gateway_3000embedded_box_pc_3000_firmwareedge_gateway_3003edge_gateway_5100_firmwareedge_gateway_5100embedded_box_pc_3000edge_gateway_3002_firmwareedge_gateway_3003_firmwareedge_gateway_3002edge_gateway_3001_firmwareedge_gateway_3200_firmwareedge_gateway_3001edge_gateway_3000_firmwareedge_gateway_5000_firmwareedge_gateway_3200edge_gateway_5000Dell Client Platform BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4210
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 30.04%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkstation_p520_firmwareideacentre_aio_3-27itl6_firmwarethinkcentre_m910zideacentre_aio_3-27itl6ideacentre_aio_3-22ada6ideacentre_aio_3-22ada6_firmwarethinkcentre_m800v410z_firmwarethinkcentre_m900ideacentre_g5-14imb05_firmwarethinkstation_p520thinkcentre_m90a_gen2v50t-13imbthinkcentre_x1thinkcentre_m700thinkcentre_m75n_firmwarethinkstation_p310_firmwarethinkstation_p310thinkedge_se30thinkcentre_m700_firmwarethinkcentre_m810zthinkcentre_m800_firmwarethinkcentre_m75nthinkcentre_m810z_firmwareideacentre_aio_3-22itl6_firmwarethinkedge_se30_firmwarethinkcentre_m70a_firmwareideacentre_aio_3-24ada6_firmwarethinkcentre_m900_firmwarea540-27icbstadia_ggp-120_firmwareideacentre_aio_3-22iil5_firmwarev410zstadia_ggp-120ideacentre_c5-14imb05thinkcentre_m900x_firmwarea540-27icb_firmwareideacentre_5-14imb05thinkcentre_m700_tinyideacentre_aio_3-24itl6thinkstation_p520c_firmwarethinkcentre_m90a_gen2_firmwareideacentre_c5-14imb05_firmwarea540-24icbthinkcentre_m70aideacentre_aio_3-24ada6thinkcentre_m820z_firmwareideacentre_aio_3-24itl6_firmwarev540-24iwl_firmwarea540-24icb_firmwareideacentre_aio_3-22iil5ideacentre_5-14imb05_firmwarev50t-13imb_firmwarethinkcentre_m820zthinkcentre_m900xideacentre_aio_3-24iil5thinkcentre_m910z_firmwareideacentre_aio_3-22itl6ideacentre_g5-14imb05thinkcentre_x1_firmwareideacentre_aio_3-24iil5_firmwarethinkcentre_m700_tiny_firmwarev540-24iwlthinkstation_p520cBIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18050
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.38%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_map in wma_tbttoffset_update_event_handler(), which is received from firmware, leads to potential buffer overwrite and out of bounds memory read.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5678
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.18%
||
7 Day CHG~0.00%
Published-31 May, 2019 | 21:12
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgeforce_experienceNVIDIA GeForce Experience
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18413
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.17%
||
7 Day CHG~0.00%
Published-02 Aug, 2019 | 13:51
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299).

Action-Not Available
Vendor-n/acPanel (WebPros International, LLC)
Product-cpaneln/a
CWE ID-CWE-264
Not Available
CVE-2021-4211
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.88%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-a340-24ickthinkcentre_m90a_\(gen_2\)thinkcentre_m90a_\(gen_2\)_firmwarev30a-24imlthinkcentre_m910xideacentre_aio_3-27itl6_firmwarethinkcentre_m720eideacentre_aio_3-22ada6ideacentre_aio_3-27itl6se30_firmwareideacentre_aio_3-22ada6_firmwarethinkstation_p320a340-22icb_firmwarethinkcentre_m800thinkstation_p320_tinyv410z_firmwareideacentre_510s-07icbthinkcentre_m900thinkcentre_m910sthinkcentre_m710q_firmwarethinkstation_p320_firmwarev520thinkcentre_m710ethinkcentre_m710t_firmwarethinkcentre_m75n_firmwarethinkstation_p310_firmwarethinkcentre_m910qthinkstation_p310thinkcentre_m720e_firmwareideacentre_5-14iob6v530-15icb_firmwareideacentre_510s-07ick_firmwarev530s-07icb_firmwarethinkcentre_m810zthinkcentre_m800_firmwarethinkcentre_m75nthinkcentre_m810z_firmwareideacentre_5-14iob6_firmwarethinkcentre_m710qideacentre_aio_3-22itl6_firmwarethinkcentre_m710tv30a-24iml_firmwarethinkcentre_m70a_firmwarea340-22ickv530-15icrideacentre_aio_3-24ada6_firmwarev530s-07icbthinkcentre_m710e_firmwarethinkcentre_m900_firmwarev530-15icba540-27icbv520s_firmwareideacentre_aio_3-22iil5_firmwareideacentre_510s-07icb_firmwarea340-24ick_firmwarev410zthinkstation_p320_tiny_firmwarea340-24icb_firmwareideacentre_creator_5-14iob6se30thinkcentre_m900x_firmwarea540-27icb_firmwarethinkcentre_m700_tinyv30a-22imlv520_firmwareideacentre_aio_3-24itl6thinkcentre_m710q_\(10yc\)ideacentre_aio_3-24ada6a540-24icbthinkcentre_m70av30a-22iml_firmwarethinkcentre_m820z_firmwareideacentre_aio_3-24itl6_firmwarev530s-07icr_firmwarev540-24iwl_firmwareideacentre_510s-07icka540-24icb_firmwarev530s-07icrthinkcentre_m710s_firmwareideacentre_aio_3-22iil5thinkcentre_m910x_firmwarethinkcentre_m910s_firmwarethinkcentre_m820zthinkcentre_m910t_firmwarev50t-13iob_g2_firmwarev50t-13iob_g2a340-22icbthinkcentre_m710sideacentre_gaming_5-14iob6_firmwarethinkcentre_m900xideacentre_aio_3-24iil5thinkcentre_m710q_\(10yc\)_firmwareideacentre_gaming_5-14iob6v520sideacentre_aio_3-22itl6thinkcentre_m910tv530-15icr_firmwareideacentre_aio_3-24iil5_firmwarethinkcentre_m700_tiny_firmwarethinkcentre_m600_firmwareideacentre_creator_5-14iob6_firmwarea340-24icbv540-24iwlthinkcentre_m600thinkcentre_m910q_firmwarea340-22ick_firmwareBIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18054
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.72%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for num_vdev_mac_entries in wma_pdev_hw_mode_transition_evt_handler(), which is received from firmware, leads to potential buffer overflow.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18415
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.73%
||
7 Day CHG~0.00%
Published-02 Aug, 2019 | 13:53
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302).

Action-Not Available
Vendor-n/acPanel (WebPros International, LLC)
Product-cpaneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18430
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.18% / 40.54%
||
7 Day CHG~0.00%
Published-02 Aug, 2019 | 15:55
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).

Action-Not Available
Vendor-n/acPanel (WebPros International, LLC)
Product-cpaneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18055
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.72%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25936
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 3.04%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 08:56
Updated-08 Nov, 2024 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_24_5410_all-in-onelatitude_5401vostro_5391_firmwareoptiplex_7770_all-in-onexps_15_9510_firmwareinspiron_3470inspiron_7300_firmwarelatitude_3520inspiron_13_5330precision_3561_firmwarevostro_3669xps_17_9710_firmwareoptiplex_tower_plus_7010_firmwareprecision_7770_firmwareprecision_7560inspiron_5590_firmwareg7_17_7790_firmwarelatitude_7380_firmwarevostro_3888xps_13_9315inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_14_rugged_5414precision_7540wyse_7040_thin_clientinspiron_15_3511_firmwarewyse_5070latitude_9420inspiron_5490_firmwareprecision_5470_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511inspiron_5620_firmwareinspiron_7501latitude_7390_2-in-1inspiron_7300_2-in-1chengming_3911_firmwareprecision_5530_2-in-1precision_5550xps_17_9700inspiron_16_7630_2-in-1alienware_x14_firmwareinspiron_3583precision_7720alienware_m17_r3_firmwarelatitude_5300vostro_3400alienware_x14g3_3500precision_5530_firmwareoptiplex_5050alienware_aurora_r11g5_15_5500_firmwarelatitude_7300inspiron_7710optiplex_7090precision_3620_towerg7_17_7700_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwareinspiron_7000latitude_3420inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarevostro_3020_talienware_m15_r2vostro_5491_firmwareprecision_5520latitude_5310_2-in-1_firmwareprecision_3570inspiron_7490_firmwareinspiron_5409xps_8950precision_5720_aiolatitude_7400latitude_5591optiplex_5270_all-in-one_firmwarexps_13_9320xps_8960_firmwarexps_13_9320_firmwareinspiron_3471inspiron_3511_firmwarelatitude_5531_firmwareoptiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_14_5410optiplex_7460_all-in-oneprecision_3570_firmwareoptiplex_5070latitude_3400precision_5770_firmwareinspiron_14_7430_2-in-1latitude_3420_firmwareg5_5000alienware_aurora_r15xps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwareg15_5520_firmwarelatitude_3530vostro_3581_firmwareinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarevostro_3581latitude_9410optiplex_7070vostro_3020_sffoptiplex_7080_firmwarevostro_16_5630latitude_5420_rugged_firmwareinspiron_3521inspiron_5491_aio_firmwarealienware_m16latitude_5310latitude_5530vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedoptiplex_7090_ultra_firmwareoptiplex_7000_oemvostro_3268_firmwareinspiron_7000_firmwareg16_7620alienware_x15_r1precision_3450chengming_3900inspiron_5420latitude_7390_2-in-1_firmwareinspiron_5400latitude_7330_firmwarelatitude_7480_firmwarexps_15_9520_firmwarevostro_5591vostro_5090precision_5560latitude_3190inspiron_3510_firmwareinspiron_3020soptiplex_5400latitude_7430_firmwarelatitude_3330_firmwareinspiron_3881_firmwarelatitude_5488latitude_5521inspiron_3020_firmwarelatitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3910inspiron_7510_firmwareprecision_5570_firmwareinspiron_3580_firmwareinspiron_3781_firmwareinspiron_7500_2-in-1_black_firmwarewyse_5070_firmwarevostro_3670_firmwareinspiron_3510inspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareprecision_7820_toweroptiplex_3090latitude_7290vostro_5410vostro_7620_firmwarelatitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1inspiron_16_7620_2-in-1inspiron_5402latitude_13_3380_firmwarelatitude_5430_firmwareinspiron_3582latitude_7230_rugged_extreme_tabletlatitude_7285_2-in-1_firmwarelatitude_7480precision_7540_firmwarevostro_3401_firmwareinspiron_7391_firmwarevostro_3881vostro_5401wyse_5470_firmwareinspiron_5593latitude_5420_firmwareprecision_3561optiplex_5000inspiron_5770alienware_m17_r2_firmwarelatitude_3580vostro_5300precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_16_plus_7620inspiron_5481_2-in-1inspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarealienware_m15_r7_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneoptiplex_xe3vostro_3584optiplex_7000_firmwarelatitude_3301_firmwarevostro_3481_firmwareinspiron_3502latitude_5491latitude_3140_firmwarelatitude_9520_firmwareprecision_5560_firmwarelatitude_5330vostro_3690_firmwarealienware_aurora_r12latitude_5520_firmwareoptiplex_5090inspiron_24_5410_all-in-one_firmwareoptiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarealienware_aurora_r15_firmwarelatitude_7280latitude_5400alienware_aurora_r13_firmwarelatitude_5410precision_7865_towerprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwareprecision_3551latitude_5401_firmwarealienware_m17_r3vostro_5491precision_5820_towerinspiron_3520precision_7730precision_3640_tower_firmwareinspiron_7610vostro_5301_firmwareg7_17_7790vostro_5890inspiron_5400_2-in-1optiplex_7770_all-in-one_firmwarelatitude_5400_firmwareinspiron_7610_firmwareinspiron_5400_2-in-1_firmwareg7_15_7590inspiron_7391alienware_m17_r4latitude_9330_firmwareinspiron_7700_all-in-onevostro_3671_firmwareprecision_3440latitude_rugged_7220ex_firmwareprecision_7510_firmwarevostro_5402optiplex_7090_ultrag5_5000_firmwareoptiplex_7470_all-in-oneoptiplex_5250_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781vostro_3690g16_7620_firmwareinspiron_5300_firmwareprecision_3460_small_form_factor_firmwareoptiplex_7000_oem_firmwarelatitude_7530optiplex_3050_firmwareoptiplex_7490_all-in-onevostro_7500alienware_m15_r7inspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwarelatitude_7285_2-in-1alienware_m15_r2_firmwarelatitude_7389vostro_3681precision_7920_towerinspiron_5570_firmwarelatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530inspiron_3582_firmwarelatitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultrainspiron_15_5518_firmwareprecision_7740optiplex_tower_plus_7010inspiron_3481_firmwareprecision_5530latitude_7310_firmwareoptiplex_3000_thin_clientinspiron_7306_2-in-1latitude_7530_firmwareinspiron_3790_firmwareinspiron_3584_firmwareoptiplex_3050_all-in-onelatitude_9510optiplex_3280_all-in-onexps_13_7390_firmwarexps_13_9310_firmwareinspiron_3583_firmwareinspiron_5770_firmwareprecision_5760_firmwarelatitude_3180_firmwarevostro_3420_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1precision_7760_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511vostro_3668xps_13_9305_firmwareinspiron_5410optiplex_7760_all-in-onelatitude_7280_firmwarevostro_5502vostro_3670latitude_5280inspiron_7420_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_3501_firmwareinspiron_27_7720_all-in-one_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5481_2-in-1_firmwarelatitude_5480_firmwareprecision_3930_rackprecision_7865_tower_firmwarexps_17_9720vostro_3490inspiron_5391g5_15_5590_firmwareinspiron_5598inspiron_3482inspiron_14_plus_7420latitude_5320_firmwareg7_15_7590_firmwareoptiplex_3080xps_13_9315_firmwarelatitude_3480inspiron_3782_firmwarexps_13_9300_firmwareprecision_5750alienware_m15_r4latitude_rugged_5430precision_5570vostro_3671inspiron_7591latitude_7310inspiron_14_5410_firmwareinspiron_7790inspiron_5420_firmwarelatitude_5421_firmwareinspiron_7500inspiron_7790_firmwareg15_5511inspiron_5620precision_5760vostro_3584_firmwarealienware_m16_firmwarelatitude_3390_2-in-1_firmwarechengming_3990_firmwareoptiplex_7480_all-in-oneprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwarelatitude_9430optiplex_7070_ultra_firmwarevostro_3400_firmwarevostro_5310_firmwareoptiplex_7060latitude_5290_firmwarelatitude_7424_rugged_extremeinspiron_7710_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390vostro_3500g3_15_3590precision_3240_compactxps_13_9315_2-in-1alienware_aurora_r12_firmwarelatitude_3520_firmwareinspiron_5490_aiolatitude_5285_2-in-1_firmwarechengming_3991_firmwareinspiron_16_7630_2-in-1_firmwareprecision_7510vostro_3401vostro_3480_firmwarevostro_7590_firmwareinspiron_14_5418inspiron_7400latitude_9430_firmwareprecision_3650_tower_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarevostro_3510precision_3630_tower_firmwarexps_13_9310_2-in-1inspiron_3581inspiron_5400_firmwarelatitude_5424_ruggedlatitude_5488_firmwareoptiplex_7760_all-in-one_firmwareinspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1latitude_7330alienware_x15_r2inspiron_7506_2-in-1latitude_5330_firmwareprecision_3650_towervostro_3881_firmwarevostro_3490_firmwarelatitude_7200_2-in-1latitude_5511_firmwarelatitude_3430_firmwareinspiron_5493optiplex_7410_all-in-oneprecision_3550inspiron_3891_firmwareoptiplex_3090_ultra_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13inspiron_5501latitude_3390_2-in-1latitude_3310_2-in-1vostro_5501_firmwareoptiplex_3090_ultralatitude_5490vostro_5620_firmwarealienware_m17_r2inspiron_3520_firmwarevostro_3070_firmwareprecision_5720_aio_firmwareinspiron_3020latitude_3190_2-in-1optiplex_7071vostro_3481optiplex_3000_firmwareinspiron_3891xps_13_9305vostro_5310latitude_9410_firmwarevostro_7590latitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwareinspiron_13_5330_firmwarelatitude_12_rugged_extreme_7214_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwareoptiplex_7090_firmwareoptiplex_3070_firmwarevostro_3020_t_firmwareg15_5511_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwareprecision_3660optiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5491_aioinspiron_3780inspiron_14_5418_firmwarelatitude_7230_rugged_extreme_tablet_firmwarelatitude_rugged_7330_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarelatitude_5430vostro_5090_firmwarexps_13_7390latitude_3530_firmwarelatitude_3400_firmwarevostro_3890latitude_3510chengming_3901_firmwareprecision_3560_firmwareinspiron_3502_firmwareprecision_3520vostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareg7_15_7500optiplex_5080_firmwareinspiron_14_5430inspiron_5493_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareinspiron_5320alienware_m15_r3vostro_3520_firmwarelatitude_5530_firmwareprecision_5470optiplex_5060_firmwareinspiron_16_5630_firmwareoptiplex_3050_all-in-one_firmwarevostro_16_5630_firmwarevostro_3590optiplex_small_form_factor_plus_7010inspiron_15_5510vostro_5590_firmwareinspiron_16_plus_7620_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790optiplex_7000chengming_3901vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494optiplex_7460_all-in-one_firmwarexps_8960g3_3779_firmwarexps_13_9300xps_15_9500latitude_5500inspiron_5508_firmwarelatitude_3500_firmwarechengming_3900_firmwarechengming_3991latitude_5288_firmwareinspiron_7501_firmwareinspiron_7500_2-in-1_blackxps_8950_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501vostro_5320_firmwareprecision_3450_firmwarechengming_3990precision_3460_small_form_factorinspiron_5301inspiron_7420vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwarexps_17_9710inspiron_3493optiplex_7400precision_5750_firmwareoptiplex_small_form_factor_plus_7010_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1optiplex_5000_firmwarechengming_3988_firmwareinspiron_3584latitude_5520latitude_3410_firmwarewyse_5470_all-in-oneinspiron_7510inspiron_7400_firmwareprecision_3530_firmwarelatitude_3320xps_13_9310_2-in-1_firmwarelatitude_5580_firmwarevostro_5320xps_13_9315_2-in-1_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580latitude_13_3380inspiron_24_5421_all-in-one_firmwarelatitude_3430embedded_box_pc_5000inspiron_3020s_firmwarelatitude_3320_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579optiplex_5490_all-in-one_firmwareoptiplex_7080g15_5510inspiron_15_5518alienware_area_51m_r2_firmwarevostro_7500_firmwarealienware_m15_r4_firmwarexps_17_9730latitude_9330inspiron_16_7620_2-in-1_firmwarelatitude_5480inspiron_15_3511inspiron_5310vostro_5510_firmwarelatitude_14_rugged_5414_firmwarelatitude_5424_rugged_firmwarelatitude_rugged_7330chengming_3910_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5421inspiron_16_5630latitude_9420_firmwareinspiron_24_5420_all-in-onelatitude_5510optiplex_3000g7_17_7700inspiron_5401_aio_firmwareinspiron_24_5421_all-in-onevostro_5300_firmwarewyse_5470optiplex_5090_firmwarevostro_3501_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareinspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarelatitude_3310_2-in-1_firmwareg7_15_7500_firmwarelatitude_5320latitude_3330latitude_7410inspiron_3590_firmwarelatitude_5501_firmwareprecision_3571xps_13_7390_2-in-1optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411vostro_3020_sff_firmwarelatitude_12_rugged_extreme_7214precision_7760xps_17_9720_firmwareoptiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450vostro_3500_firmwareinspiron_3521_firmwarelatitude_7320_detachableg3_3579_firmwarelatitude_9520inspiron_5509latitude_3480_firmwarelatitude_3189_firmwarevostro_3520vostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498inspiron_7500_2-in-1_silver_firmwareinspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508latitude_5289_firmwareprecision_5550_firmwarechengming_3980_firmwareprecision_7670inspiron_5491_2-in-1inspiron_24_5420_all-in-one_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_5490precision_7670_firmwareg15_5530inspiron_5301_firmwarevostro_3267g3_15_3590_firmwareinspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_3571_firmwareprecision_5540vostro_5490_firmwarevostro_5620inspiron_3480latitude_3490optiplex_3000_thin_client_firmwareprecision_3930_rack_firmwarevostro_3710inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareprecision_3430_tower_firmwareoptiplex_7400_firmwareprecision_7560_firmwarelatitude_3300_firmwarexps_15_9530_firmwarexps_17_9730_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490precision_7770latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareinspiron_3670_firmwareinspiron_5410_firmwarelatitude_7212_rugged_extreme_tabletinspiron_15_5510_firmwareinspiron_14_7430_2-in-1_firmwareinspiron_5408vostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwareinspiron_3482_firmwarexps_15_9530latitude_5289g3_3500_firmwarelatitude_7430precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwarelatitude_3410vostro_5402_firmwarelatitude_rugged_7220precision_3420_towerg5_15_5590inspiron_7700_all-in-one_firmwareinspiron_3881optiplex_7490_all-in-one_firmwarexps_13_9380latitude_5531latitude_7414_rugged_extremeprecision_3660_firmwareprecision_3420_tower_firmwarealienware_area_51m_r2chengming_3910vostro_3420inspiron_7500_2-in-1_silverlatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_3140latitude_3500latitude_5310_firmwareoptiplex_5400_firmwarevostro_3070inspiron_3793inspiron_27_7720_all-in-oneprecision_3430_towerprecision_5520_firmwarealienware_m15_r6vostro_3890_firmwarechengming_3988xps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwarevostro_5590precision_5540_firmwareinspiron_5401_firmwarevostro_5501xps_15_9520xps_8940_firmwareoptiplex_5490_all-in-onelatitude_3120latitude_rugged_7220_firmwareg15_5530_firmwareprecision_3560vostro_3480inspiron_5401_aiog5_15_5500optiplex_5260_all-in-one_firmwarelatitude_rugged_7220exinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareoptiplex_7410_all-in-one_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_14_5430_firmwareinspiron_5598_firmwarevostro_3470optiplex_3070inspiron_3280vostro_3910_firmwarelatitude_7290_firmwareprecision_5770chengming_3911precision_7530vostro_7620inspiron_5391_firmwareinspiron_5502_firmwareinspiron_5320_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareinspiron_14_plus_7420_firmwareg15_5520inspiron_5409_firmwarexps_13_9380_firmwarelatitude_7490latitude_5288optiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareg3_3779inspiron_5401optiplex_5250vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-41133
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.11%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 00:00
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sandbox bypass via recent VFS-manipulating syscalls

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.

Action-Not Available
Vendor-flatpakflatpakflatpakDebian GNU/LinuxFedora Project
Product-fedoradebian_linuxflatpakflatpakfedoradebian_linuxflatpak
CWE ID-CWE-20
Improper Input Validation
CVE-2017-16237
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.36%
||
7 Day CHG~0.00%
Published-03 Nov, 2017 | 05:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C.

Action-Not Available
Vendor-tgsoftn/a
Product-vir.it_explorern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3951
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 19.26%
||
7 Day CHG~0.00%
Published-05 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5680
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.65%
||
7 Day CHG~0.00%
Published-19 Jul, 2019 | 19:57
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.

Action-Not Available
Vendor-NVIDIA Corporation
Product-jetson_tx1jetson_tx1_firmwareNVIDIA Jetson TX1
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1839
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.35%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 18:10
Updated-20 Nov, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying various CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, allowing complete compromise of the system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-cbr-8_firmwareremote_phy_120remote_phy_120_firmwareremote_phy_shelf_7200_firmwareremote_phy_220_firmwarecbr-8remote_phy_220remote_phy_shelf_7200Cisco Remote PHY
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-15845
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.70%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-16837
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.27%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.

Action-Not Available
Vendor-trusted_boot_projectn/a
Product-trusted_bootn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1819
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.78%
||
7 Day CHG~0.00%
Published-06 Mar, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-39763
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.99%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:02
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Settings, there is a possible way to make the user enable WiFi due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-199176115

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2006-4541
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.34% / 55.93%
||
7 Day CHG~0.00%
Published-05 Sep, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.

Action-Not Available
Vendor-issn/a
Product-blackice_pc_protectionn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3970
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.44% / 62.30%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-l340-17irh_firmwareideapad_3-17ada05_firmwarev14_g2-itl_firmwareideapad_3-17itl6legion_5-15ith6hideapad_3-14ada05legion_y545_firmwarelegion_5-15imh6s145-15api_firmwareslim_9-14itl05slim_7_pro-14ihu5legion_y545ideapad_3-17itl6_firmwareyoga_slim_7_pro-14ihu5_olegion_5-17ach6legion_5-15ith6h_firmwarel340-17iwlyoga_c740-14imllegion_5_pro-16ith6legion_5-17ith6hyoga_slim_7_pro-14itl5ideapad_3-17are05_firmwares145-14ast_firmwares145-14iil_firmwarelegion_5-15ach6alegion_5-17ith6_firmwareyoga_slim_9-14itl05_firmwarelegion_y540-15irh-pg0ideapad_3-14igl05_firmwarev14-ada_firmwareideapad_3-14itl05_firmwareyoga_slim_7_pro-14ach5_od_firmwareideapad_3-14iml05_firmwarelegion_5-15imh6_firmwarev140-15iwl_firmwarev14-iilyoga_c940-14iillegion_5_pro-16ach6h_firmwares145-14igmslim_7_pro-14ihu5_firmwarelegion_5-17ach6h_firmwarev15_g1-imlv17-iils540-13iml_firmwareideapad_3-17alc6v14-iil_firmwarelegion_y540-17irhl340-15irhideapad_3-17iml05ideapad_3-17iil05_firmwares540-13api_firmwarev340-17iwlideapad_3-15igl05s145-14igm_firmwareyoga_slim_7_pro-14itl5_firmwares145-15ast_firmwareideapad_5-15are05_firmwareideapad_3-15itl6ideapad_3-15alc6yoga_7-14acn6_firmwareideapad_3-15ada05legion_y540-17irh_firmwareideapad_3-17are05ideapad_3-15ada6legion_5-15ach6legion_7-16ithg6_firmwarelegion_5-15ach6h_firmwareideapad_3-17ada6_firmwareideapad_3-17ada05l3-15itl6_firmwareideapad_3-14iml05yoga_slim_7_pro-14ihu5_o_firmwarev14-ares145-15astyoga_c740-15imls145-15igmv17_g2-itlideapad_3-15iml05s145-15iill340-15iwl_touchlegion_s7-15ach6_firmwareyoga_slim_7_pro-14ach5_firmwareyoga_slim_7_pro-14ach5_oideapad_3-15iil05_firmwarev15_g2-alc_firmwarelegion_5_pro-16ach6legion_y540-15irh_firmwares145-15apiv15_g2-itl_firmwarev14_g1-imllegion_5_pro-16ith6hl340-17irhyoga_slim_7_pro-14ach5_dyoga_slim_7_pro-14ach5ideapad_3-14are05_firmwareideapad_3-14alc6_firmwarelegion_5_pro-16ach6_firmwarev140-15iwllegion_y545-pg0ideapad_3-14igl05l3_15iml05v15-igl_firmwareideapad_gaming_3-15imh05_firmwareideapad_3-15itl05legion_7-16ithg6ideapad_3-15iml05_firmwarelegion_5-17ach6hl340-15iwl_touch_firmwarev15-iillegion_s7-15ach6ideapad_3-15iil05ideapad_3-14ada6ideapad_3-15ada6_firmwareideapad_3-17iml05_firmwarel340-15iwl_firmwarev14-igl_firmwareideapad_3-17ada6legion_5-15ach6a_firmwareyoga_c740-14iml_firmwarev15-ada_firmwareideapad_3-14are05legion_5-17ith6legion_5_pro-16ach6hv14_g2-acllegion_5-17ach6_firmwarelegion_y540-15irh-pg0_firmwareyoga_slim_7_pro-14arh5v15_g2-itlyoga_7-14acn6legion_5-17ith6h_firmwarelegion_5_pro-16ith6h_firmwarelegion_y7000-2019-pg0ideapad_3-14itl6ideapad_gaming_3-15imh05ideapad_3-15are05s540-13imlv15-adas14_g2_itls145-15igm_firmwareideapad_creator_5-15imh05yoga_slim_7_pro-14ach5_odv15_g1-iml_firmwarev15-iglideapad_5-15iil05_firmwarelegion_5-15ith6v17-iil_firmwarev17_g2-itl_firmwareyoga_slim_9-14itl05ideapad_gaming_3-15arh05_firmwarelegion_y540-17irh-pg0_firmwareideapad_3-15are05_firmwareyoga_slim_7_pro-14ach5_d_firmwarel340-15iwlideapad_3-15igl05_firmwareideapad_3-15itl05_firmwareideapad_5-15iil05s145-14api_firmwarelegion_y7000-2019-pg0_firmwarelegion_y545-pg0_firmwareyoga_slim_7_pro-14ach5_o_firmwarev14_g1-iml_firmwarelegion_y7000-2019_firmwareyoga_slim_7_pro-14arh5_firmwares145-14iilideapad_3-14alc6s145-15iil_firmwareslim_9-14itl05_firmwarev14-iglideapad_3-15itl6_firmwarev14_g2-itll340-17iwl_firmwares145-14astv15_g2-alcv15-iil_firmwareyoga_slim_7_pro-14ihu5ideapad_3-14itl6_firmwareideapad_5-15are05legion_y540-17irh-pg0legion_5-15ith6_firmwares14_g2_itl_firmwarel3_15iml05_firmwares145-14apiideapad_3-14ada05_firmwarev14-adav14_g2-acl_firmwareideapad_3-15alc6_firmwarev14-are_firmwareideapad_3-14ada6_firmwarev340-17iwl_firmwareideapad_3-17alc6_firmwareideapad_3-17iil05ideapad_3-15ada05_firmwareideapad_3-14iil05ideapad_3-14iil05_firmwareideapad_creator_5-15imh05_firmwareideapad_gaming_3-15arh05legion_y7000-2019yoga_c940-14iil_firmwareideapad_3-14itl05legion_y540-15irhl3-15itl6legion_5-15ach6_firmwares540-13apilegion_7-16achg6_firmwareyoga_c740-15iml_firmwareyoga_slim_7_pro-14ihu5_firmwarel340-15irh_firmwarelegion_5-15ach6hlegion_5_pro-16ith6_firmwarelegion_7-16achg6Notebook BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2019-4620
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 18:30
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. IBM X-Force ID: 168863.

Action-Not Available
Vendor-IBM Corporation
Product-mq_applianceMQ Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3843
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.83%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_l15_gen_1thinkpad_x380_yogathinkpad_11e_4th_gen_i7_firmwarethinkpad_11e_4th_gen_celeron_firmwarethinkpad_t460_firmwarethinkpad_x260_firmwarethinkpad_x390_yoga_firmwarethinkpad_11e_4th_gen_i3_firmwarethinkpad_l380_firmwarethinkpad_l390thinkpad_11e_4th_gen_celeronthinkpad_l15_gen_1_firmwarethinkpad_11e_4th_gen_i3thinkpad_l14_gen_1thinkpad_l380thinkpad_11e_5th_genthinkpad_x1_fold_gen_1thinkpad_l390_yogathinkpad_11e_3rd_genthinkpad_s2_yoga_gen_6_firmwarethinkpad_x390_yogathinkpad_l15_firmwarethinkpad_s5_2nd_gen_firmwarethinkpad_x12_detachable_gen_1thinkpad_11e_5th_gen_firmwarethinkpad_x12_detachable_gen_1_firmwarethinkpad_l13_yoga_gen_2thinkpad_l13_firmwarethinkpad_l380_yogathinkpad_s5_2nd_genthinkpad_l14_gen_1_firmwarethinkpad_x1_fold_gen_1_firmwarethinkpad_l14thinkpad_l13thinkpad_l390_firmwarethinkpad_l13_yoga_gen_2_firmwarethinkpad_l14_firmwarethinkpad_t460thinkpad_l390_yoga_firmwarethinkpad_13_gen_2thinkpad_l15thinkpad_l13_gen_2_firmwarethinkpad_s2_yoga_gen_6thinkpad_x380_yoga_firmwarethinkpad_11e_4th_gen_i7thinkpad_l13_gen_2thinkpad_l380_yoga_firmwarethinkpad_11e_4th_gen_i5thinkpad_s2_gen_6thinkpad_11e_3rd_gen_firmwarethinkpad_x260thinkpad_l13_yogathinkpad_11e_yoga_gen_6_firmwarethinkpad_11e_4th_gen_i5_firmwarethinkpad_s2_gen_6_firmwarethinkpad_11e_yoga_gen_6thinkpad_yoga_370thinkpad_13_gen_2_firmwarethinkpad_l13_yoga_firmwareThinkPad BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-38304
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.62%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 15:51
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-nin/a
Product-ni-paln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3719
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.83%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_m4500q_firmwarethinkcentre_m8500t\/sthinkcentre_m83thinkcentre_m800thinkcentre_m6500t\/s_firmwarethinkcentre_m900thinkcentre_m818z_firmwarethinkcentre_m73pthinkstation_p900thinkcentre_m900x_firmwarethinkcentre_m93p_firmwarethinkcentre_m93thinkcentre_m818zthinkcentre_m700_tinythinkstation_p500thinkcentre_m8500t\/s_firmwarethinkcentre_m6500t\/sthinkcentre_m93_firmwarethinkcentre_e93_firmwarethinkstation_p700_firmwarethinkcentre_m73p_firmwarethinkcentre_m73thinkcentre_x1thinkstation_p700thinkstation_p900_firmwarethinkcentre_m4500qthinkcentre_m73_firmwarethinkcentre_m93pthinkstation_p500_firmwarethinkcentre_m800_firmwarethinkcentre_e93thinkcentre_m900xthinkcentre_m83_firmwarethinkcentre_x1_firmwarethinkcentre_m700_tiny_firmwarethinkcentre_m600_firmwarethinkstation_p300thinkstation_p300_firmwarethinkcentre_m600thinkcentre_m900_firmwareThinkCentre and ThinkStation BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2012-3409
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.09%
||
7 Day CHG~0.00%
Published-20 Dec, 2019 | 13:33
Updated-06 Aug, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation

Action-Not Available
Vendor-ecryptfsecryptfs-utilsDebian GNU/Linux
Product-ecryptfs-utilsdebian_linuxecryptfs-utils
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found