Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-33964

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-16 Feb, 2023 | 20:00
Updated At-27 Jan, 2025 | 18:18
Rejected At-
Credits

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:16 Feb, 2023 | 20:00
Updated At:27 Jan, 2025 | 18:18
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Affected Products
Vendor
n/a
Product
Intel(R) SUR software
Default Status
unaffected
Versions
Affected
  • before version 2.4.8902
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
3.17.4HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:16 Feb, 2023 | 21:15
Updated At:27 Feb, 2023 | 19:04

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.4HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
CPE Matches
Intel Corporation
intel
>>system_usage_report>>Versions before 2.4.8902(exclusive)
cpe:2.3:a:intel:system_usage_report:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.htmlsecure@intel.com
Patch
Vendor Advisory
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

769Records found
CVE-2018-12188
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 30.73%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2021-44545
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.10%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_6e_ax411_firmwarewi-fi_6e_ax211_firmwarekiller_wi-fi_6_ax1650killer_ac_1550_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201_firmwarewi-fi_6e_ax411proset_wi-fi_6e_ax210killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwarekiller_wi-fi_6_ax1650_firmwarekiller_wi-fi_6e_ax1675killer_wi-fi_6e_ax1690wi-fi_6_ax200wi-fi_6_ax201killer_wi-fi_6e_ax1690_firmwarekiller_ac_1550wi-fi_6e_ax211Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33098
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.66%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:12
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_500_series_controllers_driverethernet_connection_x540ethernet_connection_x557ethernet_connection_x550Intel(R) Ethernet ixgbe driver for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5699
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.19%
||
7 Day CHG~0.00%
Published-18 Jan, 2018 | 02:00
Updated-16 Sep, 2024 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.

Action-Not Available
Vendor-Intel Corporation
Product-minnowboard_3_firmwareminnowboard_3MinnowBoard 3
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5695
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 13.90%
||
7 Day CHG~0.00%
Published-09 Aug, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-Intel Corporation
Product-ssd_540s_2.5\"_firmwaressd_540s_2.5\"ssd_pro_5400s_m.2_firmwaressd_e_5400s_2.5\"ssd_540s_series_m.2_firmwaressd_pro_5400s_2.5\"ssd_pro_5400s_2.5\"_firmwaressd_dc_s3100_firmwaressd_pro_5400s_m.2ssd_dc_s3100ssd_e_5400s_m.2_firmwaressd_e_5400s_m.2ssd_540s_m.2ssd_e_5400s_2.5\"_firmwareSolid-State Drive Consumer, Professional, Embedded, Data Center
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5721
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-6.66% / 90.84%
||
7 Day CHG~0.00%
Published-11 Oct, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.

Action-Not Available
Vendor-Intel Corporation
Product-nuc7i3bnhnuc7i3bnk_firmwarenuc7i3bnh_firmwarenuc7i3bnknuc7i7bnh_firmwarenuc7i7bnhnuc7i5bnknuc7i5bnh_firmwarenuc7i5bnhnuc7i5bnk_firmwareNUC Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2024-22476
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-10||CRITICAL
EPSS-62.36% / 98.30%
||
7 Day CHG+0.15%
Published-16 May, 2024 | 20:46
Updated-01 Aug, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Neural Compressor softwareneural_compressor_software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32766
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.25%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stk2mv64cc_firmwareIntel(R) BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26251
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.36%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-openvinoIntel(R) Distribution of OpenVINO(TM) Toolkit
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32577
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.4||LOW
EPSS-0.05% / 14.93%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS Firmware for some Intel(R) NUC Kits before version PY0081 may allow a privileged user to potentially enable information disclosure or denial of service via local access

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc5pgyhnuc5cpyhnuc5ppyhnuc5ppyh_firmwarenuc5cpyh_firmwarenuc5pgyh_firmwareIntel(R) NUC Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2022-38102
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.01% / 1.63%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_n3010atom_x6212receleron_j1750atom_x6211eceleron_n2840atom_x6214repentium_j6426celeron_n2808pentium_j2850celeron_j4025celeron_n2910pentium_j4205celeron_n2930h570pentium_n3510celeron_j6413c256celeron_n3350hm570celeron_n3050celeron_j1850celeron_n6210pentium_n3700w680celeron_n2920atom_x6413eceleron_n3000celeron_n2807pentium_n3520atom_x6425eceleron_n2815pentium_j3710pentium_j2900q570qm580celeron_j3060h510c252q670eceleron_n3160celeron_n6211converged_security_management_engine_firmwareceleron_n2940h670rm590eceleron_n5105pentium_n3530celeron_j3455pentium_n3540z690celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n4500atom_x6425receleron_n2820wm690pentium_n6415atom_x6427feceleron_n3450qm580eceleron_n5100h610celeron_n4020celeron_j4105pentium_n3710celeron_j3160celeron_j6412celeron_n3150b560celeron_n2810celeron_n4100celeron_j1800atom_x6200feceleron_n2805atom_x6416receleron_n2806celeron_j1900celeron_n3060z590r680eq670celeron_n4505h610ewm590celeron_j4005b660hm670celeron_j3355pentium_n4200celeron_n4120celeron_n3350ew580celeron_j3355eatom_x6414receleron_j4125hm570eIntel(R) Converged Security and Management Engine
CWE ID-CWE-20
Improper Input Validation
CVE-2022-38099
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc11dbbi7_firmwarenuc_11_compute_element_cm11ebc4wnuc_11_compute_element_cm11ebi38wnuc11dbbi9nuc_11_compute_element_cm11ebi716wnuc_11_compute_element_cm11ebv58w_firmwarenuc_11_compute_element_cm11ebv716wnuc_11_compute_element_cm11ebi58w_firmwarenuc_11_compute_element_cm11ebi58wnuc_11_compute_element_cm11ebc4w_firmwarenuc_11_compute_element_cm11ebv58wnuc11dbbi7nuc_11_compute_element_cm11ebi38w_firmwarenuc11dbbi9_firmwarenuc_11_compute_element_cm11ebi716w_firmwarenuc_11_compute_element_cm11ebv716w_firmwareIntel(R) NUC 11 Compute Elements
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36392
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.6||HIGH
EPSS-0.11% / 30.60%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-z370core_i7-8705gcore_i7-8665uz270core_i3-8300tw480core_i7-8706gh420ehm170z170cm246x299core_i5-8500bhm570core_i5-8400hcore_i5-8269ucore_i7-8700core_i5-8400wm490core_i7-8086kceleron_4305ucore_i5-8257ucore_i7-8700kq570q670eh370converged_security_management_engine_firmwareq150h670core_i3-8145uceleron_4205ucore_i5-8279uw480ecore_i3-8109ucore_i7-8565uc246core_i5-8250ucm236b365hm370hm175core_i5-8259uqm170hm470r680eceleron_4305uecore_i5-8400bcore_i3-8140ucore_m3-8100ycore_i3-8100hhm670q170b460h110core_i5-8350uw580q270c236core_i5-8600hm570ecore_i7-8550ucore_i5-8500tcore_i5-8260ucore_i3-8100c422qm175h410h570b250core_i9-8950hkcore_i7-8850hqm480w680core_i7-8500yh270core_i5-8600kq470b360core_i5-8400tcore_i7-8750hqm580core_i5-8365ucore_i7\+8700b150h510core_i5-8210yrm590ecore_i5-8365uecore_i7-8665uez690q470ecore_i3-8300core_i5-8200ywm690core_i5-8310yqm580eq370core_i7-8809gh610core_i3-8145uecore_i5-8500qm370core_i7-8700bcore_i7-8709gb560core_i7-8569uq250z490core_i5-8265ucore_i3-8100tz590q670h610eh170pentium_gold_5405uh310wm590core_i7-8557ub660core_i3-8100bcore_i7-8700tcore_i3-8350kcore_i5-8300hc232core_i5-8600tcore_i5-8305gcm238core_i7-8559ucore_i7-8650uz390c420core_i3-8130uh470c242Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSMEintel_and_intel_standard_manageability_in_intel_csme
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34657
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.03% / 6.65%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-02 Oct, 2024 | 14:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-r2308wftzsr2208wf0zsr1208wftysrr2208wftzspcsd_biosr1304wftysrr2312wf0nps2600wfqrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprr1208wfqysrr2224wftzsrr2208wfqzsrs2600wftrr2224wftzsr2312wftzsrr2308wftzsrs2600wf0r1304wftysr2224wfqzss2600wfqr2208wfqzss2600wf0rr1304wf0ysrs2600wfts2600wftfr2312wfqzsr2312wftzsIntel(R) PCSD BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34345
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 21.58%
||
7 Day CHG+0.01%
Published-18 Aug, 2022 | 20:05
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc710lapbc510lapbc710_firmwarelapbc510_firmwareIntel(R) NUC Laptop Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33190
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.06% / 17.03%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29494
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 31.77%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6330hxeon_platinum_8368qopenbmcxeon_platinum_8358xeon_gold_5318hxeon_gold_5315yxeon_silver_4310xeon_platinum_8376hlxeon_gold_5317xeon_gold_5320hxeon_platinum_8362xeon_gold_5320xeon_gold_6334xeon_platinum_8360yxeon_platinum_8354hxeon_platinum_8356hxeon_platinum_8380hxeon_gold_6338xeon_platinum_8360hlxeon_gold_6338txeon_gold_6346c627axeon_gold_6342xeon_platinum_8376hc621axeon_gold_5318sxeon_gold_6330xeon_platinum_8352yxeon_silver_4309yxeon_gold_6338nxeon_platinum_8368xeon_gold_5320txeon_gold_6314uxeon_platinum_8352sxeon_gold_5318yxeon_gold_6326xeon_platinum_8360hxeon_silver_4310txeon_gold_6312uxeon_gold_6328hc741xeon_platinum_8380xeon_gold_6348xeon_gold_6354xeon_gold_6330nxeon_silver_4316xeon_platinum_8351nxeon_gold_6328hlxeon_platinum_8352mc629axeon_gold_5318nxeon_platinum_8353hxeon_platinum_8358pxeon_platinum_8380hlxeon_silver_4314xeon_gold_6348hxeon_platinum_8352vxeon_gold_6336yOpenBMC
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33155
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.10% / 28.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ax211ac_9560_firmwareax200_firmwareac_9461ax210_firmwareac_8260ax201ax200ac_1550ac_3165ac_9461_firmwareax211_firmwareax1675_firmwareax210ac_9560ac3168_firmwareac_8265ac_3165_firmwareac_9462_firmwareax1675ac_9260ac_8260_firmwareac_7265_firmwareac_1550_firmwareax1650ac3168ac_9260_firmwareax1650_firmwareac_7265ac_8265_firmwareax201_firmwareac_9462Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0174
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Use of Validation Framework in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0165
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0183
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 39.79%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Validation of Specified Index, Position, or Offset in Input in software for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0079
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 21.02%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:39
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in software for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in Windows 10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ax1650ax1675_firmwareac_9462ac_8265ac_3165_firmwareac_9560_firmwareac_8265_firmwareax1675ax200ac_3165ac_9461ac_8260ac_9260ax1650_firmwareac_9461_firmwareac_9462_firmwareac_3168ac_9560ax200_firmware7265_firmwareac1550_firmwareac_3168_firmwareax201ax210_firmwareax201_firmwareac_9260_firmwareac1550ac_8260_firmwareax2107265Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in Windows 10
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0070
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.11% / 30.57%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:00
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-efi_bios_7215server_board_m10jnp2sbIntel(R) Server Board M10JNP2SB
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0084
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:48
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-x722da2_firmwarex722da4fhethernet_controller_e810x722da4fh_firmwareethernet_controller_e810_firmwarex722da4g1p5_firmwarex722da4g1p5x722da2Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0168
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.72%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0199
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.16%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:17
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_controller_e810-cam1_firmwareethernet_network_controller_e810-cam1ethernet_network_controller_e810-cam2_firmwareethernet_network_controller_e810-xxvam2ethernet_network_controller_e810-cam2ethernet_network_controller_e810-xxvam2_firmwareIntel(R) Ethernet Network Controller E810
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0178
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0172
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0173
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Validation of Consistency within input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0162
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0083
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.51%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:47
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Optane(TM) PMem versions before versions 1.2.0.5446 or 2.2.0.1547 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6246rxeon_platinum_8276lxeon_platinum_8358xeon_w-2223xeon_platinum_9222xeon_gold_5315yxeon_w-11865mrexeon_w-3245mxeon_gold_5217xeon_gold_6230txeon_platinum_8362xeon_gold_6230nxeon_w-3225xeon_platinum_8354hxeon_w-3265xeon_gold_5218nxeon_w-3245xeon_gold_6338xeon_w-1370xeon_w-2125xeon_silver_4309yxeon_platinum_8352yxeon_platinum_8368xeon_gold_5220xeon_gold_6246xeon_w-2295xeon_silver_4214rxeon_gold_6326xeon_gold_6254xeon_silver_4310txeon_gold_6240yxeon_gold_6234optane_persistent_memory_firmwarexeon_platinum_8380xeon_gold_6238rxeon_silver_4316xeon_platinum_8351nxeon_w-1250xeon_w-1250texeon_w-2255xeon_gold_6208uxeon_w-11555mlexeon_platinum_8268xeon_gold_5215xeon_platinum_8352vxeon_gold_6336yxeon_w-1290exeon_gold_6262vxeon_gold_5222xeon_w-3275xeon_w-1390txeon_gold_5218xeon_w-1270xeon_silver_4209txeon_w-1270exeon_platinum_8380hxeon_gold_5215lxeon_platinum_8360hlxeon_silver_4215rxeon_gold_6252nxeon_platinum_9221xeon_w-2245xeon_platinum_8376hxeon_gold_6244xeon_gold_6330xeon_silver_4210txeon_gold_6248xeon_gold_6212uxeon_w-1270texeon_w-1370pxeon_gold_6314uxeon_platinum_8280xeon_gold_6248rxeon_w-11155mrexeon_w-3335xeon_gold_6354xeon_gold_6258rxeon_w-1290txeon_gold_6240xeon_gold_6238lxeon_platinum_8352mxeon_gold_6240lxeon_gold_6250xeon_platinum_8353hxeon_w-11865mlexeon_platinum_8256xeon_gold_6348hxeon_w-2155xeon_w-11855mxeon_gold_6330hxeon_w-1290pxeon_w-3265mxeon_w-2135xeon_gold_6222vxeon_gold_5318hxeon_w-11155mlexeon_platinum_8376hlxeon_gold_6242xeon_w-2265xeon_gold_5320hxeon_w-2145xeon_gold_5320xeon_platinum_8360yxeon_platinum_8274xeon_w-10855mxeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6338txeon_gold_6346xeon_gold_5218txeon_silver_4215xeon_w-2235xeon_w-11555mrexeon_gold_5220rxeon_w-11955mxeon_gold_5318sxeon_gold_6338nxeon_silver_4214xeon_platinum_8276xeon_platinum_8360hxeon_w-1390pxeon_gold_6238txeon_w-1270pxeon_silver_4210rxeon_gold_6250lxeon_silver_4214yxeon_gold_6210uxeon_gold_6348xeon_gold_6330nxeon_gold_5218bxeon_w-1350xeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_w-1250exeon_w-1290xeon_w-3345xeon_w-3375xeon_platinum_8368qxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_w-10885mxeon_w-2195xeon_silver_4310xeon_w-1390xeon_w-3365xeon_gold_5317xeon_gold_6334xeon_w-2275xeon_w-1290texeon_platinum_8356hxeon_gold_6209uxeon_w-3223xeon_gold_6226xeon_gold_6256xeon_w-1350pxeon_gold_6342xeon_w-3323xeon_gold_6230rxeon_w-3175xxeon_gold_6238xeon_gold_6252xeon_w-1250pxeon_w-3235xeon_gold_5320txeon_silver_4208xeon_platinum_8260xeon_platinum_8352sxeon_gold_5318yxeon_gold_5218rxeon_bronze_3206rxeon_gold_6226rxeon_w-2225xeon_gold_6312uxeon_gold_6328hxeon_w-2123xeon_gold_5220sxeon_w-2133xeon_w-3275mxeon_platinum_9242xeon_platinum_9282xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204xeon_gold_6328hlxeon_silver_4314xeon_w-2175xeon_gold_5220txeon_silver_4210Intel(R) Optane(TM) PMem versions
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8742
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.72%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:15
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc5i3ryhsnnuc7i7dnbenuc7i5bnhx1nuc7i5bnhxfcd1c32gk_firmwarecd1c64gknuc7i5dnkpcnuc5i3mybe_firmwarenuc8i7hvknuc7i5dnbe_firmwarede3815tykhe_firmwarenuc7i3dnktc_firmwarenuc8i7hnk_firmwarenuc7i5dnbenuc6i7kyknuc5i5ryhsnuc5i3ryk_firmwarenuc8i5behfa_firmwarenuc7i3bnb_firmwarenuc7pjyhnuc7i5dnhe_firmwarenuc7i3bnhx1_firmwarenuc5ppyh_firmwarenuc8i5behs_firmwarenuc8i5behfanuc5i7ryh_firmwarenuc8i7hvkvaw_firmwarenuc5i3ryhnuc8i7hvkvanuc6caysnuc5i5mybe_firmwarenuc5i5myhenuc7i3bnbnuc7i3bnk_firmwarenuc5i3myhe_firmwarenuc5i5ryk_firmwarenuc8i7hnkqcnuc7i3dnke_firmwarenuc8i3behfa_firmwarenuc7i3bnhnuc7i3bnknuc5i5mybenuc7pjyh_firmwarestk2mv64cc_firmwarenuc7i3bnhxf_firmwarenuc7i7bnhnuc5i5ryh_firmwarenuc8i3behnuc8i7hnknuc8i5bek_firmwarenuc5i3ryhs_firmwarenuc7i3bnh_firmwarenuc8i7beh_firmwarenuc5pgyh_firmwarenuc5i5rykcd1p64gknuc7i3dnhncnuc7i5bnkpnuc8i5bekpa_firmwarenuc7i3dnhe_firmwarenuc5i7ryhnuc6cayhde3815tybe_firmwarenuc7cjysalnuc7i5dnkenuc7i7bnkqnuc5i3ryhsn_firmwarenuc8i7hnkqc_firmwarenuc7i7bnhxgcd1c64gk_firmwarestk2mv64ccnuc6i7kyk_firmwarenuc7i3dnhnc_firmwarenuc6cays_firmwarenuc8i7hvk_firmwarenuc7i5dnke_firmwarenuc5i5ryhs_firmwarenuc8i7behga_firmwarenuc8i3behs_firmwarenuc8i7bekqa_firmwarenuc7i5bnknuc7i3dnbenuc7cjyhnuc7i5bnhxf_firmwarenuc7i5bnhnuc5i3mybenuc8i7bek_firmwarede3815tykhenuc7i3dnhenuc5i3ryhsnuc8i7behganuc7i3dnktcnuc7i7dnbe_firmwarenuc7i3dnbe_firmwarenuc8i5beh_firmwarenuc5i3ryknuc7i7dnhe_firmwarenuc7i5bnkp_firmwarenuc7i7bnbnuc5cpyhnuc5pgyhnuc5i5ryhnuc8i5bekpanuc7i5bnh_firmwarenuc7i5dnhenuc8i3beknuc7i7bnkq_firmwarecd1p64gk_firmwarenuc5ppyhnuc8i7beknuc7i5bnb_firmwarenuc8i7behnuc7i7dnke_firmwarenuc7i5dnkpc_firmwarenuc7i7bnhxg_firmwarenuc6cayh_firmwarenuc8i7bekqanuc7i3bnhxfnuc5i3ryh_firmwarenuc8i3behfanuc7i5bnk_firmwarenuc7i5bnhx1_firmwarenuc8i5behsnuc7i5bnbnuc7cjyh_firmwarenuc7i7bnhx1nuc7i7bnb_firmwarenuc7i7bnhx1_firmwarenuc7i3dnkenuc8i5beknuc5cpyh_firmwarenuc8i5behcd1c32gknuc8i7hvkva_firmwarenuc5i5myhe_firmwarenuc5i3myhenuc7i7bnh_firmwarenuc7i3bnhx1de3815tybenuc7i7dnkenuc7cjysal_firmwarenuc7i7dnhenuc8i7hvkvawnuc8i3beh_firmwarenuc8i3behsnuc8i3bek_firmwareIntel(R) NUCs Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8700
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.24% / 46.30%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:50
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-xeon_platinum_8153xeon_e3-1230_v5xeon_e3-1558l_v5xeon_w-3245mxeon_e5-4610_v4xeon_e7-8894_v4xeon_gold_6146xeon_e5-2660_v3core_i7-1068ng7e-series_bioscore_i7-1160g7xeon_e5-1680_v3xeon_d-1527xeon_e5-2697_v4xeon_gold_5115xeon_platinum_8170xeon_gold_6136xeon_w-2125core_i9-10940xxeon_e5-4610_v3xeon_e5-4650_v4xeon_e7-8880_v4xeon_gold_6138xeon_e5-1660_v4xeon_e7-8891_v4xeon_platinum_8164xeon_e-2226gxeon_e3-1280_v5xeon_gold_6234xeon_e5-2699r_v4xeon_w-2255xeon_d-1518core_i7-11700core_i7-6822eqcore_i7-6700texeon_e3-1501l_v6xeon_gold_6262vcore_i7-11370hxeon_e5-2683_v4xeon_platinum_8168core_i7-7600uxeon_e5-2608l_v4xeon_e5-2640_v3xeon_e-2224xeon_gold_5218xeon_e5-1620_v4core_i7-11850hxeon_d-1567xeon_e5-2630l_v3xeon_e3-1505l_v6xeon_e-2278gexeon_e5-1607_v3xeon_e5-4640_v4xeon_gold_5117xeon_gold_5122xeon_w-2245xeon_d-1587xeon_e5-2699_v3xeon_d-2191xeon_gold_6248rcore_i7-7820hkxeon_e5-2689_v4xeon_e7-8870_v4xeon_w-1290tcore_i5-l16g7xeon_gold_6240core_i7-6970hqxeon_gold_6262xeon_platinum_8156xeon_e-2136core_i7-10510ucore_i7-1060g7xeon_w-2265xeon_e5-2667_v4xeon_platinum_8274xeon_w-10855mxeon_gold_6126fxeon_d-1539xeon_e3-1535m_v5xeon_e5-1680_v4core_i7-7700xeon_gold_5220rxeon_d-2146ntxeon_e3-1268l_v5xeon_platinum_8160fxeon_e5-2658_v3xeon_e5-4660_v4core_i7-8750hxeon_e3-1501m_v6xeon_gold_6250lxeon_gold_6210uxeon_d-2187ntxeon_platinum_8160mcore_i7-10700fxeon_d-2166ntxeon_e3-1270_v6xeon_e-2286mxeon_e3-1505m_v5core_i7-10750hxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_e5-2630l_v4xeon_w-2195xeon_e5-4667_v4xeon_e5-2628l_v4xeon_e-2276gxeon_e5-2685_v3xeon_w-1390xeon_e-2186gxeon_d-2183itxeon_silver_4116txeon_e-2174gxeon_e5-2630_v4xeon_d-1622core_i7-8809gxeon_e5-4667_v3xeon_platinum_8160hcore_i7-8700bxeon_e5-2643_v3xeon_d-2145ntxeon_d-1581xeon_e5-1650_v4xeon_gold_6238xeon_e5-2630_v3xeon_w-1250pxeon_silver_4208xeon_e3-1585_v5xeon_w-2104xeon_e5-2623_v4core_i7-6560uxeon_w-2123xeon_gold_5220sxeon_w-3275mxeon_platinum_9282xeon_e5-2683_v3core_i7-10700exeon_silver_4108xeon_gold_6130txeon_silver_4210core_i7-11700kfcloud_backupcore_i7-10870hxeon_e7-8867_v4xeon_bronze_3106xeon_w-2102xeon_e-2274gcore_i7-10700kxeon_e-2278gelxeon_d-1540xeon_e3-1280_v6hci_compute_node_biosxeon_e5-2698_v4xeon_platinum_8160tcore_i7-11700kxeon_d-1528xeon_silver_4214rcore_i7-6500uxeon_e5-2697_v3xeon_e5-4627_v4xeon_e-2124core_i7-10710uxeon_d-2141icore_i7-10700kfxeon_d-1541xeon_e5-2660_v4xeon_e7-4830_v4xeon_w-1250texeon_platinum_8268xeon_platinum_8176mxeon_e-2276mecore_i7-8565uxeon_gold_5222xeon_e5-2687w_v4xeon_e5-1603_v3core_i7-7560uxeon_gold_5117fxeon_e3-1535m_v6xeon_d-1548xeon_d-1649nxeon_d-1529xeon_platinum_9221xeon_e3-1220_v5xeon_platinum_8160xeon_e5-2428l_v3core_i7-6700hqxeon_e7-4809_v4xeon_e5-4648_v3xeon_gold_6122xeon_silver_4123xeon_gold_6148fxeon_gold_6132biosxeon_e5-2618l_v4xeon_w-2155xeon_gold_6137core_i7-7500ucore_i7-8550uxeon_e-2224gxeon_w-2135xeon_d-1623nxeon_w-2145xeon_e-2226gecore_i7-6650uxeon_gold_6142core_i7-10610ucore_i7-8500ycore_i7-7567uxeon_silver_4214xeon_w-1390pxeon_d-2161ixeon_silver_4210rxeon_d-1632core_i7-7820hqxeon_e3-1585l_v5xeon_e5-2620_v3xeon_e5-2670_v3xeon_gold_5218bxeon_e5-2648l_v3xeon_gold_6142mxeon_e5-2609_v3xeon_e3-1275_v5xeon_e5-2438l_v3xeon_e3-1240_v5xeon_e5-2650_v3xeon_gold_6222core_i7-6567uxeon_e5-2648l_v4xeon_e5-4620_v4xeon_e7-8855_v4xeon_d-1513nxeon_d-1537xeon_e3-1515m_v5xeon_w-1290texeon_e3-1225_v5xeon_gold_6209uxeon_silver_4112xeon_d-1559xeon_w-3223xeon_gold_5120txeon_w-3175xxeon_gold_6134xeon_gold_6162xeon_e5-2628l_v3xeon_e-2254mexeon_w-3235core_i7-7y75xeon_e5-4669_v3xeon_w-2225xeon_gold_6130hxeon_w-2133core_i7-6700xeon_d-1557xeon_e5-4627_v3xeon_e7-4850_v4xeon_gold_6148xeon_e3-1505m_v6xeon_gold_6144xeon_gold_6140mxeon_gold_5220txeon_platinum_8276lxeon_w-2223xeon_e5-2679_v4core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_gold_6129xeon_platinum_9222xeon_gold_6230tcore_i7-7660ucore_i7-6600ucore_i7-8706gxeon_gold_6126tcore_i7-11700fxeon_platinum_8165xeon_w-3225xeon_gold_6135xeon_e3-1565l_v5xeon_e-2236xeon_w-1370core_i7-10850hxeon_e5-1603_v4core_i7-1185grexeon_e5-2408l_v3core_i7-11375hxeon_e3-1240_v6xeon_d-1573ncore_i7-8700core_i7-7700tcore_i7-10700txeon_e5-1630_v4xeon_e5-4660_v3xeon_gold_6246core_i7-8086kxeon_w-2295core_i7-6770hqcore_i7-8700kxeon_e5-2603_v3fas_biosxeon_e-2134xeon_e5-2667_v3xeon_gold_5215xeon_e5-4655_v3xeon_d-2143itxeon_d-2163itxeon_e5-2699_v4xeon_e3-1285_v6xeon_w-1390txeon_w-1270xeon_e3-1225_v6xeon_platinum_8284xeon_silver_4109tcore_i7-10510yxeon_e3-1240l_v5xeon_e5-2690_v3xeon_e5-4655_v4xeon_gold_5215lxeon_silver_4215rxeon_e5-2658_v4xeon_gold_6138fcore_i7-11800hxeon_e5-1630_v3xeon_silver_4210txeon_e5-2680_v3xeon_gold_6212uxeon_e3-1205_v6core_i7-7700hqxeon_w-1270texeon_silver_4114xeon_e5-2698_v3core_i7-6498duxeon_e3-1245_v5core_i7-6870hqxeon_gold_6258rxeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2637_v3xeon_e5-1620_v3xeon_gold_6250xeon_d-2173itcore_i7-11700txeon_w-11855mxeon_d-2123itxeon_gold_5219yxeon_e-2246gxeon_w-3265mxeon_d-1627xeon_e5-2637_v4xeon_e5-2687w_v3xeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4xeon_gold_5218txeon_e5-2697a_v4xeon_gold_6150xeon_gold_6140xeon_e5-2690_v4xeon_e5-2609_v4core_i7-7920hqxeon_platinum_8174xeon_d-1612xeon_e-2254mlxeon_e3-1545m_v5core_i7-10700core_i9-10920xxeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_gold_6126xeon_e3-1260l_v5xeon_w-1250exeon_e5-2643_v4xeon_d-1563nxeon_e5-2699a_v4core_i7-10875hxeon_e-2276mlxeon_e-2244gxeon_e-2176gxeon_gold_6142fcore_i3-l13g4core_i7-8709gxeon_e5-4650_v3xeon_e5-2650l_v4xeon_gold_6130xeon_e-2104gxeon_platinum_8260core_i7-8557ucore_i7-8700txeon_platinum_9242core_i7-6820hqxeon_platinum_8280lxeon_silver_4110core_i7-8650uxeon_bronze_3204xeon_gold_5119tcore_i7-1180g7core_i7-6700tcore_i7-6920hqxeon_gold_6246rxeon_e3-1230_v6xeon_gold_5217xeon_gold_6230nxeon_gold_6143xeon_w-3265xeon_gold_5218nxeon_e5-2620_v4xeon_gold_6138txeon_w-3245xeon_gold_5120core_i7-1185g7core_i7-1195g7xeon_e-2124gcore_i7-1165g7xeon_e5-2618l_v3xeon_d-1523nxeon_e5-2608l_v3core_i7-10700texeon_e-2288gxeon_d-1653nxeon_gold_5220xeon_e-2234xeon_d-1577xeon_d-1637xeon_gold_6254xeon_gold_6269yxeon_silver_4114tcore_i7-6700kxeon_gold_6240yxeon_e5-4669_v4aff_biosxeon_gold_6154xeon_w-1250xeon_e5-2640_v4hci_storage_node_biosxeon_gold_6208uxeon_e7-8893_v4xeon_w-1290exeon_e5-1650_v3xeon_w-3275core_i7-11700bxeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_silver_4116xeon_w-1270exeon_d-1633ncore_i7-7820eqxeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_e5-2695_v3xeon_gold_6248xeon_e3-1220_v6xeon_w-1370pxeon_platinum_8280xeon_e-2186mxeon_e5-1660_v3xeon_d-1520xeon_e-2176mcore_i7-6785rcore_i7-6820hkxeon_platinum_8256xeon_gold_6152core_i7-1060ng7xeon_e5-2623_v3xeon_platinum_8158xeon_e5-2658a_v3xeon_e5-2418l_v3xeon_w-1290pxeon_e-2286gxeon_gold_6222vxeon_platinum_8176xeon_gold_6242xeon_e3-1275_v6xeon_d-1531core_i7-10810uxeon_e3-1575m_v5xeon_e-2278gxeon_e5-2650_v4xeon_platinum_8260yxeon_e3-1505l_v5xeon_platinum_8270xeon_d-1533nxeon_gold_6242rxeon_e3-1245_v6xeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_platinum_8180mcore_i7-8850hxeon_gold_5118xeon_w-2235xeon_e5-2695_v4xeon_gold_6130fxeon_w-11955mcore_i7-6820eqxeon_gold_6134mcore_i9-10900xxeon_platinum_8276xeon_gold_6238txeon_e3-1235l_v5xeon_silver_4214yxeon_e5-2603_v4core_i9-10980xexeon_e5-4628l_v4xeon_e7-8860_v4xeon_w-1350xeon_silver_4106hxeon_gold_6138pcore_i7-8665uexeon_w-1290xeon_platinum_8176fxeon_d-1524nsolidfire_biosxeon_gold_6240rxeon_w-10885mxeon_w-2275xeon_d-1543nxeon_gold_6226xeon_e-2144gxeon_gold_6256xeon_d-1521xeon_w-1350pxeon_gold_6230rcore_i7-8569uxeon_gold_6252xeon_e5-4640_v3core_i7-1185g7exeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_e5-1607_v4core_i7-1065g7xeon_platinum_8260lxeon_e5-1428l_v3core_i7-8559uxeon_platinum_8170mxeon_e-2146gxeon_platinum_8180xeon_d-2177ntxeon_e5-2650l_v3xeon_w-2175Intel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33176
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.28%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_11_performance_kit_nuc11pahi70z_firmwarenuc_11_performance_kit_nuc11paki7nuc_11_performance_kit_nuc11pahi7_firmwarenuc_11_performance_kit_nuc11pahi30z_firmwarenuc_11_performance_mini_pc_nuc11paqi70qanuc_11_performance_kit_nuc11paki5nuc_11_performance_kit_nuc11paki3nuc_11_performance_kit_nuc11pahi5nuc_11_performance_kit_nuc11pahi30znuc_11_performance_kit_nuc11pahi5_firmwarenuc_11_performance_kit_nuc11pahi70znuc_11_performance_kit_nuc11pahi3_firmwarenuc_11_performance_kit_nuc11paki7_firmwarenuc_11_performance_mini_pc_nuc11paqi50wanuc_11_performance_kit_nuc11paki3_firmwarenuc_11_performance_kit_nuc11pahi50znuc_11_performance_kit_nuc11pahi7nuc_11_performance_kit_nuc11pahi3nuc_11_performance_kit_nuc11paki5_firmwarenuc_11_performance_mini_pc_nuc11paqi50wa_firmwarenuc_11_performance_mini_pc_nuc11paqi70qa_firmwarenuc_11_performance_kit_nuc11pahi50z_firmwareIntel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23425
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.6||HIGH
EPSS-0.15% / 35.76%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2024-39950
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-8.6||HIGH
EPSS-0.29% / 51.93%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 03:45
Updated-19 Aug, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr4216-16p-4ks3nvr4216-16p-4ks2\/l_firmwarenvr4108hs-4ks3\(960g\)nvr4208-8p-4ks2\/l_firmwarenvr4108hs-p-4ks2\/lnvr4232-4ks2\/lnvr4104-4ks2\/l_firmwarenvr4832-16p-4ks2\/invr4108hs-8p-4ks2\/lnvr4416-16p-4ks2\/invr4216-4ks2\/l_firmwarenvr4104-4ks3_firmwarenvr4116-8p-4ks2\/l_firmwarenvr4104hs-p-4ks3_firmwarenvr4108-4ks2\/l_firmwarenvr4104hs-p-4ks2\/l_firmwarenvr4232-4ks2\/l_firmwarenvr4432-4ks2\/iipc-hfs8849g-z3-lednvr4104-p-4ks3nvr4116-4ks3nvr4208-4ks3nvr4104hs-4ks3nvr4208-8p-4ks3_firmwarenvr4104-p-4ks2\/l_firmwarenvr4116hs-4ks3ipc-hfs8849g-z3-led_firmwarenvr4104-p-4ks3\(960g\)nvr4416-4ks2\/i_firmwarenvr4216-4ks3_firmwarenvr4832-4ks2\/invr4816-4ks2\/i_firmwarenvr4232-16p-4ks3_firmwarenvr4208-8p-4ks3nvr4204-p-4ks3nvr4832-16p-4ks2\/i_firmwarenvr4108hs-4ks2\/lnvr4104-4ks2\/lnvr4108hs-p-4ks3nvr4108hs-4ks3_firmwarenvr4108hs-4ks3nvr4108-p-4ks3_firmwarenvr4432-16p-4ks2\/invr4104hs-p-4ks2\/lnvr4832-4ks2\/i_firmwarenvr4416-16p-4ks2\/i_firmwarenvr4104-p-4ks3_firmwarenvr4104hs-p-4ks3nvr4232-4ks3nvr4432-16p-4ks2\/i_firmwarenvr4208-4ks2\/l_firmwarenvr4232-16p-4ks2\/lnvr4116-4ks3_firmwarenvr4104-4ks3nvr4116hs-4ks2\/lnvr4104-p-4ks3\(960g\)_firmwareipc-hfs8449g-z7-led_firmwareipc-hfs8449g-z7-lednvr4204-4ks2\/l_firmwarenvr4108-p-4ks2\/lnvr4104hs-4ks3\(960g\)nvr4216-16p-4ks3_firmwarenvr4108hs-p-4ks2\/l_firmwarenvr4108hs-4ks2\/l_firmwarenvr4104hs-4ks2\/lnvr4108hs-8p-4ks3nvr4208-4ks3_firmwarenvr4116hs-4ks2\/l_firmwarenvr4116hs-8p-4ks2\/lnvr4104-p-4ks2\/lnvr4116hs-4ks3_firmwarenvr4104hs-p-4ks3\(960g\)nvr4108hs-8p-4ks2\/l_firmwarenvr4816-4ks2\/invr4816-16p-4ks2\/invr4108hs-p-4ks3_firmwarenvr4204-p-4ks2\/lnvr4104hs-4ks3_firmwarenvr4204-4ks2\/lnvr4108-4ks3nvr4204-p-4ks2\/l_firmwarenvr4108-8p-4ks2\/lnvr4208-8p-4ks2\/lnvr4108-8p-4ks3_firmwarenvr4204-4ks3nvr4204-p-4ks3_firmwarenvr4108-8p-4ks2\/l_firmwarenvr4416-4ks2\/invr4116-4ks2\/l_firmwarenvr4232-16p-4ks3nvr4232-16p-4ks2\/l_firmwarenvr4108-p-4ks2\/l_firmwarenvr4104hs-p-4ks3\(960g\)_firmwarenvr4232-4ks3_firmwarenvr4108-4ks3_firmwarenvr4204-4ks3_firmwarenvr4816-16p-4ks2\/i_firmwarenvr4116-8p-4ks3nvr4108-p-4ks3nvr4104hs-4ks3\(960g\)_firmwarenvr4104hs-4ks2\/l_firmwarenvr4432-4ks2\/i_firmwarenvr4108-8p-4ks3nvr4108-4ks2\/lnvr4116-8p-4ks3_firmwarenvr4116-4ks2\/lnvr4116hs-8p-4ks3nvr4116-8p-4ks2\/lnvr4208-4ks2\/lnvr4216-16p-4ks2\/lnvr4216-4ks3nvr4216-4ks2\/lnvr4108hs-8p-4ks3_firmwarenvr4108hs-4ks3\(960g\)_firmwarenvr4116hs-8p-4ks3_firmwarenvr4116hs-8p-4ks2\/l_firmwareNVR4XXX and IPC-HX8XXXipc-hf8xxx_firmwareipc-hfw8xxxnvr4832-i
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23992
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-9.8||CRITICAL
EPSS-1.69% / 81.50%
||
7 Day CHG~0.00%
Published-14 Feb, 2022 | 21:04
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-xcom_data_transportXCOM Data Transport for Windows, Linux, and UNIX
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3968
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-7.8||HIGH
EPSS-2.24% / 83.88%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 16:39
Updated-21 Jan, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution vulnerability in the iManager

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.

Action-Not Available
Vendor-Micro Focus International LimitedOpen Text Corporation
Product-imanageriManagerimanager
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24086
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-90.15% / 99.57%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-01||Apply updates per vendor instructions.
Adobe Commerce checkout improper input validation leads to remote code execution

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.

Action-Not Available
Vendor-magentoAdobe Inc.
Product-magentocommerceMagento CommerceCommerce and Magento Open Source
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0657
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-49.70% / 97.73%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_server_2008windows_server_2003windows_2003_serverwindows_vistan/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23820
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.37%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:52
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_9_5900xryzen_5_6600h_firmwareryzen_5_3580uathlon_3015ceryzen_7_4800u_firmwareryzen_5_5500x_firmwareryzen_5_pro_5645ryzen_3_3100_firmwareryzen_threadripper_2950x_firmwareryzen_7_7735hs_firmwareryzen_9_3900xryzen_5_pro_3350ge_firmwareryzen_9_5900x_firmwareryzen_9_6900hx_firmwareryzen_9_5980hxathlon_3015eryzen_7_5800hsryzen_5_5500hryzen_5_5600xryzen_9_5900_firmwareryzen_5_5600hsryzen_5_3600xt_firmwareryzen_7_5825uryzen_7_5825u_firmwareryzen_5_3600x_firmwareryzen_7_3750h_firmwareryzen_threadripper_3960x_firmwareryzen_5_6600hryzen_threadripper_3960xryzen_threadripper_2950xryzen_5_4500u_firmwareryzen_9_6980hxryzen_threadripper_pro_3975wxryzen_5_5560uryzen_3_3100ryzen_7_3750hryzen_5_6600hsryzen_7_3780uryzen_7_pro_5845athlon_3015e_firmwareryzen_9_5900hsryzen_9_4900hsryzen_7_4980u_firmwareryzen_threadripper_2920xryzen_9_5980hsryzen_7_3700cryzen_5_pro_3350g_firmwareryzen_7_3800xt_firmwareryzen_3_5125c_firmwareryzen_5_55003xd_firmwareryzen_9_6900hxryzen_7_5800h_firmwareryzen_9_6900hsryzen_3_3300xryzen_7_3700xryzen_5_3500uryzen_5_5500ryzen_3_5400uryzen_9_4900hs_firmwareryzen_9_4900h_firmwareryzen_5_5600_firmwareryzen_7_5800xryzen_5_3550hryzen_5_4500uryzen_9_pro_5945ryzen_threadripper_3990x_firmwareryzen_7_3780u_firmwareryzen_9_3900ryzen_3_4300uryzen_7_4800h_firmwareryzen_3_4300u_firmwareryzen_5_5600x_firmwareryzen_9_3900_firmwareryzen_7_3700x_firmwareryzen_5_pro_3350gryzen_7_4980uryzen_9_5900ryzen_9_5980hs_firmwareryzen_7_6800h_firmwareryzen_7_6800u_firmwareryzen_7_7735uryzen_threadripper_3990xryzen_5_3500c_firmwareryzen_5_5600hs_firmwareryzen_5_56003xdryzen_3_3350u_firmwareryzen_5_5600h_firmwareryzen_7_5700ryzen_5_4680uryzen_3_5400u_firmwareryzen_9_6900hs_firmwareryzen_3_3300u_firmwareryzen_7_5800ryzen_7_4700uryzen_7_6800hs_firmwareryzen_7_3800xryzen_5_7535uryzen_5_4600uryzen_9_5950xryzen_5_3600_firmwareryzen_5_5500_firmwareryzen_5_3580u_firmwareryzen_threadripper_2990wx_firmwareryzen_5_3500cryzen_5_4600hryzen_5_4600u_firmwareryzen_5_56003xd_firmwareryzen_3_3300x_firmwareryzen_5_5600hryzen_7_6800hsryzen_5_pro_3400g_firmwareryzen_9_3900xt_firmwareryzen_5_7535u_firmwareryzen_7_6800uryzen_3_3300uryzen_7_7736uryzen_5_3600xtryzen_3_5425u_firmwareryzen_7_7735hsryzen_5_3500x_firmwareryzen_9_3900xtryzen_5_3550h_firmwareryzen_7_4800hryzen_5_5600uryzen_9_4900hryzen_9_5900hx_firmwareryzen_5_3500xryzen_9_5950x_firmwareathlon_3015ce_firmwareryzen_threadripper_2970wxryzen_7_4800hsryzen_7_3700u_firmwareryzen_7_5800x_firmwareryzen_5_5625uryzen_5_6600uryzen_5_pro_3400gryzen_threadripper_2920x_firmwareryzen_7_4800hs_firmwareryzen_9_6980hs_firmwareryzen_5_3450uryzen_3_5125cryzen_7_3800x_firmwareryzen_5_pro_3350geryzen_9_6980hx_firmwareryzen_7_7735u_firmwareryzen_7_pro_5845_firmwareryzen_threadripper_pro_3945wx_firmwareryzen_9_5900hs_firmwareryzen_5_5600u_firmwareryzen_5_3600xryzen_5_6600u_firmwareryzen_3_7335uryzen_7_3800xtryzen_threadripper_2970wx_firmwareryzen_7_5700_firmwareryzen_5_7535hs_firmwareryzen_9_3950x_firmwareryzen_9_pro_5945_firmwareryzen_threadripper_pro_3995wxryzen_5_4600h_firmwareryzen_5_7535hsryzen_7_3700c_firmwareryzen_7_5700x_firmwareryzen_threadripper_pro_3955wxryzen_5_4600hsryzen_7_5800u_firmwareryzen_7_7736u_firmwareryzen_9_3900x_firmwareryzen_7_4700u_firmwareryzen_7_3700uryzen_5_6600hs_firmwareryzen_5_pro_5645_firmwareryzen_3_3350uryzen_5_3500_firmwareryzen_3_5425uryzen_threadripper_pro_3955wx_firmwareryzen_7_5800_firmwareryzen_9_5980hx_firmwareryzen_3_5100_firmwareryzen_5_5560u_firmwareryzen_threadripper_pro_3995wx_firmwareryzen_7_5800uryzen_9_5900hxryzen_5_4680u_firmwareryzen_5_4600hs_firmwareryzen_5_pro_3400geryzen_5_5500h_firmwareryzen_9_3950xryzen_threadripper_2990wxryzen_5_5600ryzen_threadripper_3970xryzen_3_5100ryzen_5_3500ryzen_7_5800hryzen_5_3450u_firmwareryzen_threadripper_pro_3945wxryzen_5_3600ryzen_5_pro_3400ge_firmwareryzen_threadripper_3970x_firmwareryzen_5_3500u_firmwareryzen_threadripper_pro_3975wx_firmwareryzen_7_5800hs_firmwareryzen_7_4800uryzen_5_5625u_firmwareryzen_3_7335u_firmwareryzen_7_5700xryzen_9_6980hsryzen_7_6800hAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics “Picasso” FP5AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTAMD Ryzen™ 5000 Series Desktop Processors “Vermeer”AMD EPYC™ Embedded 7003AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM43rd Gen AMD EPYC™ ProcessorsAMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WSAMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6AMD Ryzen™ Threadripper™ 2000 Series Processors “Colfax”AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”Ryzen™ 3000 series Desktop Processors “Matisse"AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”
CWE ID-CWE-20
Improper Input Validation
CVE-2024-39780
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.29%
||
7 Day CHG+0.04%
Published-02 Apr, 2025 | 07:31
Updated-26 Aug, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of unsafe yaml load in dynparam

A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load() function in the 'set' and 'get' verbs, and allows for the creation of arbitrary Python objects. Through this flaw, a local or remote user can craft and execute arbitrary Python code.

Action-Not Available
Vendor-openroboticsOpen Source Robotics Foundation
Product-robot_operating_systemRobot Operating System (ROS)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-23770
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.47% / 63.56%
||
7 Day CHG~0.00%
Published-17 Oct, 2022 | 00:00
Updated-13 May, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WISA Smart Wing CMS Remote Command Execution Vulnerability

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal.

Action-Not Available
Vendor-wisaWISA corp.Linux Kernel Organization, Inc
Product-smart_wing_cmslinux_kernelSmart Wing CMS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2011-0703
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.80%
||
7 Day CHG~0.00%
Published-15 Nov, 2019 | 16:09
Updated-06 Aug, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.

Action-Not Available
Vendor-gksu-polkit_projectgksu-polkitDebian GNU/Linux
Product-debian_linuxgksu-polkitgksu-polkit
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38879
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.20% / 42.69%
||
7 Day CHG~0.00%
Published-02 Aug, 2024 | 10:36
Updated-20 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumvent authentication and directly access the exposed application.

Action-Not Available
Vendor-Siemens AG
Product-omnivise_t3000_application_serverOmnivise T3000 Application Server R9.2Omnivise T3000 R8.2 SP3Omnivise T3000 R8.2 SP4omnivise_t3000_application_serveromnivise_t3000
CWE ID-CWE-20
Improper Input Validation
CVE-2024-42458
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.67%
||
7 Day CHG~0.00%
Published-02 Aug, 2024 | 00:00
Updated-05 Sep, 2024 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369.

Action-Not Available
Vendor-any1n/aany1
Product-neatvncn/aneatvnc
CWE ID-CWE-20
Improper Input Validation
CVE-2023-2917
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-9.8||CRITICAL
EPSS-35.10% / 96.90%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 15:10
Updated-08 Oct, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.  Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed.  A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanager_thinserverThinManager ThinServerthinmanager_thinserver
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-29332
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-12.80% / 93.76%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-27 Feb, 2025 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_kubernetes_serviceAzure Kubernetes Service
CWE ID-CWE-330
Use of Insufficiently Random Values
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24647
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 73.13%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:34
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24439
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.1||HIGH
EPSS-69.55% / 98.59%
||
7 Day CHG~0.00%
Published-12 Dec, 2022 | 01:49
Updated-16 Sep, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution (RCE)

All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.

Action-Not Available
Vendor-gitpython_projectn/aDebian GNU/LinuxFedora Project
Product-gitpythondebian_linuxfedoraGitPython
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 15
  • 16
  • Next
Details not found