Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-25952

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2023 | 19:04
Updated At-02 Aug, 2024 | 11:39
Rejected At-
Credits

Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2023 | 19:04
Updated At:02 Aug, 2024 | 11:39
Rejected At:
▼CVE Numbering Authority (CNA)

Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Arc(TM) Control software
Default Status
unaffected
Versions
Affected
  • before version 1.73.5335.2
Problem Types
TypeCWE IDDescription
N/AN/Adenial of service
CWECWE-787Out-of-bounds write
Type: N/A
CWE ID: N/A
Description: denial of service
Type: CWE
CWE ID: CWE-787
Description: Out-of-bounds write
Metrics
VersionBase scoreBase severityVector
3.16.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2023 | 19:15
Updated At:16 May, 2024 | 21:15

Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Secondary3.16.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CPE Matches
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>iris_xe_graphics>>Versions before 31.0.101.4255(exclusive)
cpe:2.3:a:intel:iris_xe_graphics:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>arc_a_graphics>>Versions before 31.0.101.4255(exclusive)
cpe:2.3:a:intel:arc_a_graphics:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-787Secondarysecure@intel.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-787
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.htmlsecure@intel.com
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html
Source: secure@intel.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2196Records found
CVE-2021-38959
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 11.24%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 14:00
Updated-17 Sep, 2024 | 02:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. IBM X-Force ID: 212046.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowsspss_statisticsSPSS Statistics
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35219
Matching Score-10
Assigner-TWCERT/CC
ShareView Details
Matching Score-10
Assigner-TWCERT/CC
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.54%
||
7 Day CHG~0.00%
Published-02 Aug, 2022 | 15:20
Updated-16 Sep, 2024 | 23:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NHI card’s web service component - Stack-based Buffer Overflow-2

The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

Action-Not Available
Vendor-nhiNHIMicrosoft Corporation
Product-windowshealth_insurance_web_service_componentcard’s web service component
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-12386
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:52
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35218
Matching Score-10
Assigner-TWCERT/CC
ShareView Details
Matching Score-10
Assigner-TWCERT/CC
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.54%
||
7 Day CHG~0.00%
Published-02 Aug, 2022 | 15:20
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NHI card’s web service component - Heap-based Buffer Overflow

The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

Action-Not Available
Vendor-nhiNHIMicrosoft Corporation
Product-windowshealth_insurance_web_service_componentcard’s web service component
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-33086
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.78%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:59
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc8i5behnuc_kit_nuc8i7beknuc_10_performance_kit_nuc10i3fnhja_firmwarenuc_8_enthusiast_nuc8i7bekqa_firmwarenuc_8_compute_element_cm8pcbnuc_10_performance_kit_nuc10i5fnhf_firmwarenuc_8_home_nuc8i5bekpa_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_10_performance_kit_nuc10i7fnhjanuc_8_home_nuc8i3cysn_firmwarenuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_11_performance_kit_nuc11pahi3nuc_kit_nuc8i3behnuc_m15_laptop_kit_lapbc710_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_11_pro_kit_nuc11tnhi30lnuc_11_pro_kit_nuc11tnhi70qnuc_10_performance_kit_nuc10i5fnh_firmwarenuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_pro_kit_nuc11tnki5_firmwarenuc_8_home_nuc8i3behfa_firmwarenuc_9_pro_compute_element_nuc9v7qnbnuc_10_performance_kit_nuc10i5fnhca_firmwarenuc_kit_nuc8i3beh_firmwarenuc_8_home_nuc8i3cysnnuc_8_home_nuc8i5behfanuc_11_pro_kit_nuc11tnhi70q_firmwarenuc_kit_nuc8i3behsnuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnhi7nuc_11_pro_kit_nuc11tnhi50lnuc_11_pro_board_nuc11tnbi7nuc_10_performance_kit_nuc10i7fnhcnuc_8_business_nuc8i7hnkqcnuc_11_compute_element_cm11ebc4w_firmwarenuc_10_performance_kit_nuc10i7fnknuc_kit_nuc8i7hvk_firmwarenuc_10_performance_kit_nuc10i7fnhja_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_m15_laptop_kit_lapbc710nuc_11_performance_kit_nuc11paki5_firmwarenuc_8_business_nuc8i7hnkqc_firmwarenuc_11_pro_board_nuc11tnbi3_firmwarenuc_10_performance_kit_nuc10i3fnhfnuc_10_performance_kit_nuc10i3fnk_firmwarenuc_10_performance_kit_nuc10i5fnhj_firmwarenuc_11_pro_kit_nuc11tnhi3_firmwarenuc_7_business_nuc7i3dnktcnuc_10_performance_kit_nuc10i7fnh_firmwarenuc_8_enthusiast_nuc8i7hvkvanuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_11_pro_board_nuc11tnbi5nuc_7_business_nuc7i5dnhenuc_11_enthusiast_mini_pc_nuc11phki7caanuc_7_business_nuc7i5dnkenuc_10_performance_kit_nuc10i5fnhnuc_7_business_nuc7i5dnbe_firmwarenuc_8_compute_element_cm8pcb_firmwarenuc_9_pro_compute_element_nuc9vxqnbnuc_10_performance_kit_nuc10i7fnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_11_performance_kit_nuc11pahi5_firmwarenuc_8_enthusiast_nuc8i7behganuc_8_compute_element_cm8i5cb_firmwarenuc_7_business_nuc7i3dnhncnuc_kit_nuc6cayh_firmwarenuc_7_business_nuc7i5dnbenuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_8_compute_element_cm8ccbnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_11_performance_kit_nuc11paki3nuc_11_pro_kit_nuc11tnhi30pnuc_11_enthusiast_mini_pc_nuc11phki7caa_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_10_performance_kit_nuc10i5fnkp_firmwarenuc_10_performance_kit_nuc10i5fnkpnuc_kit_nuc6cays_firmwarenuc_11_performance_mini_pc_nuc11paqi70qanuc_kit_nuc8i7behnuc_m15_laptop_kit_lapbc510nuc_7_business_nuc7i3dnktc_firmwarenuc_board_nuc7i3dnbe_firmwarenuc_10_performance_kit_nuc10i5fnknuc_10_performance_kit_nuc10i7fnkpnuc_kit_nuc7i3dnhe_firmwarenuc_7_essential_nuc7cjysal_firmwarenuc_11_pro_kit_nuc11tnki7_firmwarenuc_kit_nuc8i3beknuc_11_enthusiast_kit_nuc11phki7c_firmwarenuc_10_performance_kit_nuc10i5fnkpanuc_10_performance_kit_nuc10i3fnhf_firmwarenuc_8_compute_element_cm8ccb_firmwarenuc_8_home_nuc8i3cysmnuc_kit_nuc8i5bek_firmwarenuc_8_home_nuc8i3cysm_firmwarenuc_11_pro_kit_nuc11tnhi70lnuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_compute_element_cm8i5cbnuc_kit_nuc7pjyhnuc_10_performance_kit_nuc10i7fnhaanuc_11_enthusiast_kit_nuc11phki7cnuc_11_pro_kit_nuc11tnki3_firmwarenuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_kit_nuc11tnhi3nuc_10_performance_kit_nuc10i7fnhaa_firmwarenuc_8_enthusiast_nuc8i7hvkvaw_firmwarenuc_kit_nuc8i5behs_firmwarenuc_11_performance_kit_nuc11pahi3_firmwarenuc_10_performance_kit_nuc10i5fnhja_firmwarenuc_8_pro_kit_nuc8i3pnhnuc_10_performance_kit_nuc10i7fnhnuc_8_compute_element_cm8i3cb_firmwarenuc_8_enthusiast_nuc8i7hvkvawnuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_board_nuc8cchbnuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_kit_nuc8i7hnknuc_7_essential_nuc7cjysalnuc_11_pro_board_nuc11tnbi3nuc_kit_nuc8i5beh_firmwarenuc_kit_nuc8i5beknuc_7_business_nuc7i5dnhe_firmwarenuc_11_compute_element_cm11ebi58wnuc_11_performance_mini_pc_nuc11paqi50wanuc_10_performance_kit_nuc10i3fnknuc_kit_nuc8i7hvknuc_kit_nuc7i3dnhenuc_11_performance_kit_nuc11paki7_firmwarenuc_11_performance_mini_pc_nuc11paqi50wa_firmwarenuc_board_nuc8cchb_firmwarenuc_11_performance_kit_nuc11pahi7nuc_10_performance_kit_nuc10i5fnhjnuc_kit_nuc8i7hnk_firmwarenuc_11_performance_mini_pc_nuc11paqi70qa_firmwarenuc_10_performance_kit_nuc10i5fnhcanuc_7_business_nuc7i3dnhnc_firmwarenuc_8_compute_element_cm8i3cbnuc_10_performance_kit_nuc10i5fnhfnuc_11_pro_kit_nuc11tnhi5nuc_10_performance_kit_nuc10i3fnhnuc_kit_nuc7cjyhnuc_11_compute_element_cm11ebc4wnuc_10_performance_kit_nuc10i7fnkp_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_11_pro_kit_nuc11tnki7nuc_kit_nuc6caysnuc_kit_nuc8i5behsnuc_9_pro_kit_nuc9vxqnxnuc_10_performance_kit_nuc10i3fnh_firmwarenuc_11_performance_kit_nuc11paki5nuc_kit_nuc8i3bek_firmwarenuc_kit_nuc7i3dnke_firmwarenuc_7_business_nuc7i5dnkpc_firmwarenuc_11_compute_element_cm11ebi38w_firmwarenuc_11_performance_kit_nuc11paki3_firmwarenuc_board_nuc7i3dnbenuc_11_compute_element_cm11ebi716w_firmwarenuc_10_performance_kit_nuc10i5fnhjanuc_10_performance_kit_nuc10i7fnkpa_firmwarenuc_8_home_nuc8i5behfa_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_7_business_nuc7i5dnkpcnuc_kit_nuc6cayhnuc_kit_nuc8i3behs_firmwarenuc_7_business_nuc7i5dnke_firmwarenuc_kit_nuc8i7bek_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_9_pro_compute_element_nuc9vxqnb_firmwarenuc_10_performance_kit_nuc10i7fnhc_firmwarenuc_11_compute_element_cm11ebi38wnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_10_performance_kit_nuc10i3fnhfanuc_kit_nuc8i7beh_firmwarenuc_10_performance_kit_nuc10i5fnk_firmwarenuc_10_performance_kit_nuc10i3fnhfa_firmwarenuc_11_compute_element_cm11ebi58w_firmwarenuc_11_performance_kit_nuc11paki7nuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7pjyh_firmwarenuc_11_performance_kit_nuc11pahi5nuc_11_performance_kit_nuc11pahi7_firmwarenuc_10_performance_kit_nuc10i7fnkpanuc_8_compute_element_cm8i7cb_firmwarenuc_8_enthusiast_nuc8i7bekqanuc_11_compute_element_cm11ebi716wnuc_10_performance_kit_nuc10i3fnhjanuc_11_pro_kit_nuc11tnki5nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_11_pro_kit_nuc11tnhi30l_firmwarenuc_11_pro_kit_nuc11tnhi50w_firmwarenuc_11_pro_kit_nuc11tnki3nuc_10_performance_kit_nuc10i5fnkpa_firmwarenuc_8_home_nuc8i5bekpanuc_8_enthusiast_nuc8i7behga_firmwarenuc_8_home_nuc8i3behfanuc_8_enthusiast_nuc8i7hvkva_firmwarenuc_8_compute_element_cm8i7cbnuc_kit_nuc7i3dnkenuc_11_pro_kit_nuc11tnhi50wnuc_m15_laptop_kit_lapbc510_firmwareIntel(R) NUCs
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0075
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:38
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and some Killer(TM) WiFi in Windows 10 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ax1650ax1675_firmwareac_9462ac_8265ac_3165_firmwareac_9560_firmwareac_8265_firmwareax1675ax200ac_3165ac_9461ac_8260ac_9260ax1650_firmwareac_9461_firmware9260_firmwareac_3168ac_9462_firmwareac_9560ax200_firmware7265_firmwareac1550_firmwareac_3168_firmwareax201ax210_firmwareax201_firmwareac_9260_firmwareac1550ac_8260_firmwareax2107265Intel(R) PROSet/Wireless WiFi in multiple operating systems and some Killer(TM) WiFi in Windows 10
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8679
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:21
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-12289
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:42
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-jhl7440_thunderbolt_3_firmwarejhl6240_thunderbolt_3_firmwarejhl7540_thunderbolt_3jhl8010r_usb_retimer_firmwarejhl6340_thunderbolt_3jhl7340_thunderbolt_3_firmwarejhl7040_thunderbolt_3_retimerdsl6540_thunderbolt_3dsl6340_thunderbolt_3_firmwarejhl6540_thunderbolt_3_firmwaredsl5320_thunderbolt_2_firmwaredsl6540_thunderbolt_3_firmwarejhl8010r_usb_retimerjhl7040_thunderbolt_3_retimer_firmwaredsl5520_thunderbolt_2jhl7540_thunderbolt_3_firmwarejhl6540_thunderbolt_3jhl8040r_thunderbolt_4_retimerjhl7340_thunderbolt_3dsl5320_thunderbolt_2jhl6240_thunderbolt_3jhl8040r_thunderbolt_4_retimer_firmwarejhl6340_thunderbolt_3_firmwaredsl6340_thunderbolt_3jhl7440_thunderbolt_3dsl5520_thunderbolt_2_firmwareIntel(R) Thunderbolt(TM) controllers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-0186
Matching Score-10
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-10
Assigner-NVIDIA Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 15.99%
||
7 Day CHG~0.00%
Published-01 Apr, 2023 | 04:41
Updated-11 Feb, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an out-of-bounds write can lead to denial of service and data tampering.

Action-Not Available
Vendor-Microsoft CorporationNVIDIA Corporation
Product-windowsvirtual_gpuvGPU software (guest driver - Windows), NVIDIA Cloud Gaming (guest driver - Windows)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-46748
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.27%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:50
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.

Action-Not Available
Vendor-Intel CorporationAdvanced Micro Devices, Inc.
Product-radeon_rx_7700sryzen_5_pro_3200geradeon_pro_w6900xryzen_3_5300uradeon_rx_5700mradeon_rx_vega_m_firmwareradeon_pro_w6500mradeon_rx_7900_greradeon_rx_vega_56core_i5-8305gradeon_pro_vega_56_firmwareryzen_5_4600hsradeon_rx_5600ryzen_7_4980uradeon_rx_5300mradeon_rx_7900mryzen_3_3015ceradeon_rx_7900_xtradeon_rx_5500_xtradeon_rx_6600sradeon_rx_6650mnuc_8_enthusiast_nuc8i7hvkvawradeon_rx_6650_xtradeon_pro_w6800xradeon_rx_6700_xtryzen_5_pro_3400gradeon_rx_7600m_xtryzen_5_pro_3350geryzen_5_5600gryzen_5_pro_3400geradeon_pro_w6600radeon_pro_vega_64radeon_rx_6700mryzen_5_4680uryzen_5_5500unuc_8_enthusiast_nuc8i7hvkvaradeon_pro_w7600radeon_rx_6650m_xtradeon_rx_6700radeon_rx_7700_xtradeon_rx_7600sradeon_rx_6550mradeon_rx_5600_xtradeon_rx_6850m_xtradeon_rx_6550sradeon_pro_w5700radeon_rx_6800ryzen_7_4800hryzen_3_3015eradeon_softwareradeon_rx_6600mradeon_rx_5500mradeon_rx_7900_xtxryzen_7_5700gnuc_8_enthusiast_nuc8i7hnkqcradeon_rx_6900_xtradeon_rx_5600mradeon_rx_6950_xtryzen_3_4300geryzen_5_pro_3200gradeon_rx_vega_64_firmwareryzen_7_4700gryzen_3_4300gryzen_9_4900hsradeon_rx_5700_xtradeon_rx_6500mcore_i7-8706gradeon_rx_6800_xtradeon_pro_w6400radeon_rx_6500_xtradeon_rx_5700radeon_rx_6450mradeon_rx_7800_xtryzen_5_4500uradeon_rx_5300radeon_pro_w5500xradeon_pro_w6300mryzen_5_4600uradeon_pro_w6800x_duoradeon_pro_vega_64_firmwareradeon_rx_5500ryzen_7_4700geryzen_9_4900hradeon_rx_6400radeon_rx_6600_xtradeon_pro_vega_56ryzen_7_5700uradeon_rx_6800mradeon_rx_6300mryzen_5_4600geradeon_rx_7600radeon_pro_w6300radeon_pro_w6600xryzen_5_5500hradeon_pro_w7500radeon_rx_vega_56_firmwareradeon_rx_7600mcore_i7-8709gryzen_7_4700uradeon_pro_w6600mryzen_5_5600gecore_i7-8705gryzen_3_4300uradeon_pro_w5500ryzen_3_5300geryzen_5_4500ryzen_3_4100ryzen_7_4800hsradeon_pro_w5700xradeon_pro_w6800ryzen_7_5700geradeon_rx_6600radeon_rx_vega_64ryzen_3_5300gryzen_5_4600gnuc_kit_nuc8i7hnknuc_kit_nuc8i7hvkryzen_5_pro_3350gryzen_5_4600hradeon_pro_w7800radeon_rx_6700sradeon_rx_5300_xtradeon_rx_6800sRadeon™ RX Vega Series Graphics CardsRadeon™ PRO WX Vega Series Graphics CardsRadeon™ RX 5000/6000/7000 Series Graphics CardsRadeon™ PRO W5000/W6000/W7000 Series Graphics Cards
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-44022
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 22.66%
||
7 Day CHG~0.00%
Published-03 Dec, 2021 | 10:50
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsTrend Micro Apex One
CWE ID-CWE-617
Reachable Assertion
CVE-2024-47535
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 41.79%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 15:50
Updated-05 Sep, 2025 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service attack on windows app using Netty

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.

Action-Not Available
Vendor-The Netty ProjectMicrosoft Corporation
Product-nettywindowsnettynetty
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-42280
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.54%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 00:47
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Feedback Hub Elevation of Privilege Vulnerability

Windows Feedback Hub Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 2004Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-41379
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.13% / 77.97%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 00:46
Updated-30 Oct, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.
Windows Installer Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2012windows_10_1809windows_server_2022windows_rt_8.1windows_10_2004windows_8.1windows_10_1507windows_10_1909windows_server_2008windows_10_21h1windows_server_2004windows_10_20h2windows_10_1607windows_server_20h2windows_server_2019windows_11_21h2windows_server_2016Windows 11 version 21H2Windows 10 Version 2004Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 7Windows 10 Version 21H1Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1909Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows Server 2012 R2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server version 20H2Windows Server version 2004Windows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-42277
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 49.41%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 00:47
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016visual_studiovisual_studio_2019windows_11windows_10windows_server_2022visual_studio_2017windows_server_2019Windows Server 2022Windows 10 Version 1607Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server version 20H2Windows 10 Version 1909Microsoft Visual Studio 2015 Update 3Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)Windows 10 Version 1507Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Windows Server 2019
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-42319
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.22% / 44.82%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 00:47
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Elevation of Privilege Vulnerability

Visual Studio Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2019visual_studio_2017Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-0512
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:22
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers Advisory
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2020-0524
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 9.11%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i210-atethernet_controller_i210-csethernet_controller_i210-clethernet_controller_i210-isethernet_controller_i210-itethernet_controller_i210_firmwareIntel(R) Ethernet I210 Controller series of network adapters
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-0616
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.70% / 71.47%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 23:11
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10WindowsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows ServerWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit Systems
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-0518
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:49
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) HD Graphics Control Panel
CVE-2020-0567
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 20:51
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to enable denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0539
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.57%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 14:01
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) AMT and Intel(R) CSME
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-0794
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 45.70%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:12
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10WindowsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows ServerWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit Systems
CVE-2020-0501
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.28%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 17:42
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0511
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 19:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncaught exception in system driver for Intel(R) Graphics Drivers before version 15.40.44.5107 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-5693
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.78%
||
7 Day CHG~0.00%
Published-09 Nov, 2019 | 01:41
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgpu_driverNVIDIA GPU Display Driver
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2022-31476
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.08%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CVE-2022-30691
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.05% / 16.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-supportIntel(R) Support Android application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36490
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.03% / 8.90%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in some Intel(R) MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-memory_and_storage_toolIntel(R) MAS software
CWE ID-CWE-665
Improper Initialization
CVE-2023-36728
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.71%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SQL Server Denial of Service Vulnerability

Microsoft SQL Server Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-ole_db_driver_for_sql_serverodbc_driver_for_sql_serversql_serverMicrosoft SQL Server 2016 Service Pack 3 (GDR)Microsoft OLE DB Driver 19 for SQL ServerMicrosoft SQL Server 2014 Service Pack 3 (CU 4)Microsoft ODBC Driver 18 for SQL Server on MacOSMicrosoft SQL Server 2022 (CU 8)Microsoft SQL Server 2019 (CU 22)Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2017 (GDR)Microsoft ODBC Driver 17 for SQL Server on WindowsMicrosoft OLE DB Driver 18 for SQL ServerMicrosoft ODBC Driver 17 for SQL Server on MacOSMicrosoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (GDR)Microsoft ODBC Driver 18 for SQL Server on LinuxMicrosoft ODBC Driver 17 for SQL Server on LinuxMicrosoft SQL Server 2014 Service Pack 3 (GDR)Microsoft ODBC Driver 18 for SQL Server on WindowsMicrosoft SQL Server 2022 (GDR)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-36042
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.10% / 28.63%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 17:57
Updated-08 Oct, 2025 | 23:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Denial of Service Vulnerability

Visual Studio Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2019visual_studio_2022Microsoft Visual Studio 2022 version 17.6Microsoft Visual Studio 2022 version 17.7Microsoft .NET Framework 3.5 AND 4.8.1
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-14596
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:34
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the installer for Intel(R) Chipset Device Software INF Utility before version 10.1.18 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-chipset_inf_utilityIntel(R) Chipset Device Software INF Utility
CVE-2019-14604
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 37.76%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel® Quartus® Prime Pro Edition
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-14591
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.67%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:05
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33875
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.07% / 22.17%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via local access..

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesskillerwi-fi_6_ax201wi-fi_6e_ax211killer_wi-fi_6e_ax1675wi-fi_6e_ax210wi-fi_6_ax200wi-fi_6e_ax411killer_wi-fi_6_ax1650Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software
CWE ID-CWE-284
Improper Access Control
CVE-2019-14574
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 35.20%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:04
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-4631
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 6.80%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 16:00
Updated-17 Sep, 2024 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowsspectrum_protect_plusSpectrum Protect Plus
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-1325
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.32% / 54.36%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:28
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems, aka 'Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)
CVE-2019-1391
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.47% / 64.07%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 18:52
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2018-12207.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)
CVE-2023-3280
Matching Score-8
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-8
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:13
Updated-25 Sep, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XDR Agent: Local Windows User Can Disable the Agent

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.

Action-Not Available
Vendor-Palo Alto Networks, Inc.Microsoft Corporation
Product-cortex_xdr_agentwindowsCortex XDR Agent
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2023-32544
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 14.15%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers before version 1.1.45 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_p14e_laptop_elementIntel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers
CWE ID-CWE-284
Improper Access Control
CVE-2020-35609
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 37.70%
||
7 Day CHG~0.00%
Published-22 Dec, 2020 | 19:24
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-azure_spheren/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-32272
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.08% / 23.45%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel NUC Pro Software Suite Configuration Tool software installers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-31022
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.50%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-27 Feb, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service.

Action-Not Available
Vendor-linux-kvmCitrix (Cloud Software Group, Inc.)NVIDIA CorporationCanonical Ltd.Red Hat, Inc.VMware (Broadcom Inc.)Microsoft CorporationLinux Kernel Organization, Inc
Product-ubuntu_linuxkernel_virtual_machineazure_stack_hcilinux_kernelvirtual_gpuenterprise_linuxhypervisorwindowsvsphereNVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-31020
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.02% / 5.23%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-05 Sep, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpuNVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver
CWE ID-CWE-284
Improper Access Control
CVE-2023-31023
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.19%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-05 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA Display Driver for Windows contains a vulnerability where an attacker may cause a pointer dereference of an untrusted value, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsvirtual_gpuNVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2021-1054
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.04%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 00:50
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgpu_driverNVIDIA GPU Display Driver
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-31018
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 13.41%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-27 Feb, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service.

Action-Not Available
Vendor-linux-kvmCitrix (Cloud Software Group, Inc.)NVIDIA CorporationCanonical Ltd.Red Hat, Inc.VMware (Broadcom Inc.)Microsoft CorporationLinux Kernel Organization, Inc
Product-ubuntu_linuxkernel_virtual_machineazure_stack_hcilinux_kernelvirtual_gpuenterprise_linuxhypervisorwindowsvspherevGPU driver and Cloud gaming driver
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-23403
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:55
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) Data Center Manager software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-31021
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.49%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 18:56
Updated-05 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

Action-Not Available
Vendor-linux-kvmVMware (Broadcom Inc.)NVIDIA CorporationRed Hat, Inc.Citrix (Cloud Software Group, Inc.)Canonical Ltd.Microsoft Corporation
Product-ubuntu_linuxkernel_virtual_machineazure_stack_hcivirtual_gpuenterprise_linuxhypervisorvspherevGPU driver and Cloud gaming driver
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 43
  • 44
  • Next
Details not found