Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-28741

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2023 | 19:06
Updated At-02 Aug, 2024 | 13:51
Rejected At-
Credits

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2023 | 19:06
Updated At:02 Aug, 2024 | 13:51
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) QAT drivers for Windows - HW Version 1.0
Default Status
unaffected
Versions
Affected
  • before version 1.10
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-120Buffer overflow
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-120
Description: Buffer overflow
Metrics
VersionBase scoreBase severityVector
3.17.9HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H
Version: 3.1
Base score: 7.9
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2023 | 19:15
Updated At:30 Nov, 2023 | 15:11

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.9HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.9
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H
CPE Matches
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>quickassist_technology_library>>Versions before 22.07.1(exclusive)
cpe:2.3:a:intel:quickassist_technology_library:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>quickassist_technology_firmware>>-
cpe:2.3:o:intel:quickassist_technology_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>quickassist_technology>>Versions from 1.0(inclusive) to 1.10(exclusive)
cpe:2.3:h:intel:quickassist_technology:*:*:*:*:*:windows:*:*
Intel Corporation
intel
>>quickassist_technology_firmware>>-
cpe:2.3:o:intel:quickassist_technology_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>quickassist_technology>>Versions from 2.0(inclusive) to 2.04(exclusive)
cpe:2.3:h:intel:quickassist_technology:*:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE-120Secondarysecure@intel.com
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-120
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2641Records found
CVE-2019-0145
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.39%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:21
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel Corporation
Product-ethernet_controller_x710-at2_firmwarelinux_kernelethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-0099
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-91.17% / 99.63%
||
7 Day CHG~0.00%
Published-09 Mar, 2016 | 11:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_10_1507windows_7windows_server_2008windows_10_1511windows_vistawindows_server_2012windows_8.1n/aWindows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-6334
Matching Score-10
Assigner-HYPR Corp
ShareView Details
Matching Score-10
Assigner-HYPR Corp
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 16.28%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 19:41
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.

Action-Not Available
Vendor-hyprHYPRMicrosoft Corporation
Product-windowsworkforce_accessWorkforce Access
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-8712
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.67%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:42
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8729
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-5025
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.31% / 53.31%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 15:30
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661.

Action-Not Available
Vendor-IBM CorporationNetApp, Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kerneloncommand_insightDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-4363
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 21.99%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 14:25
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 178960.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux- UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22661
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2004-0210
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.88% / 90.22%
||
7 Day CHG+0.59%
Published-14 Jul, 2004 | 04:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-interixwindows_ntwindows_2000n/aWindows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0504
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.10%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 17:42
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-0530
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 20:55
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_d34010wybnuc_kit_nuc8i7beknuc_kit_nuc7i5dnhenuc_8_enthusiast_pc_nuc8i7bekqa_firmwarenuc_7_enthusiast_pc_nuc7i7bnhxgnuc_kit_nuc7i3bnhx1_firmwarenuc_7_home_a_mini_pc_nuc7i3bnhxfnuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_kit_nuc6i5syk_firmwarenuc_kit_nuc5i5ryk_firmwarecompute_stick_stk1a32sc_firmwarenuc_kit_nuc6i3syh_firmwarenuc_kit_nuc5i5myhenuc_8_mainstream-g_kit_nuc8i5inhnuc_kit_nuc5i5ryknuc_kit_nuc7i5bnhnuc_kit_nuc5i3myhenuc_kit_nuc7i7dnkenuc_kit_nuc7i3bnknuc_board_nuc5i3mybe_firmwarenuc_kit_nuc7i5dnke_firmwarenuc_kit_nuc5i7ryh_firmwarenuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_8_home_pc_nuc8i3cysmnuc_kit_nuc7i3bnhx1nuc_8_business_pc_nuc8i7hnkqcnuc_kit_nuc6i7kyk_firmwarenuc_kit_de3815tykhenuc_7_home_a_mini_pc_nuc7i5bnhxf_firmwarenuc_board_nuc7i7dnbenuc_kit_nuc7i5bnh_firmwarenuc_board_de3815tybe_firmwarenuc_board_d54250wyb_firmwarecompute_stick_stk2m3w64cc_firmwarenuc_kit_nuc5i3ryhsnuc_kit_d34010wyknuc_7_home_a_mini_pc_nuc7i3bnhxf_firmwarecompute_stick_stck1a8lfc_firmwarecompute_stick_stk1aw32sc_firmwarecompute_stick_stk1aw32scnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc5i5ryh_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_kit_nuc7i7bnhx1nuc_kit_nuc5i5myhe_firmwarenuc_kit_nuc5i3ryh_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarecompute_stick_stk2m364ccnuc_kit_nuc6cays_firmwarecompute_stick_stk2m364cc_firmwarenuc_kit_nuc7i7dnke_firmwarenuc_kit_nuc6i3syhnuc_board_nuc7i3dnbe_firmwarenuc_kit_nuc7i7dnhenuc_kit_d54250wyknuc_kit_nuc7i3dnhe_firmwarenuc_kit_nuc5i3myhe_firmwarecompute_stick_stck1a32wfcnuc_kit_nuc7i5dnkenuc_7_home_a_mini_pc_nuc7i5bnkp_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_kit_d54250wyk_firmwarenuc_kit_nuc7pjyhnuc_kit_de3815tykhe_firmwarecompute_stick_stk1a32scnuc_kit_nuc5i3ryknuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_kit_nuc5i3ryhs_firmwarenuc_board_nuc8cchbnuc_board_nuc5i5mybenuc_kit_nuc8i7hnknuc_7_essential_pc_nuc7cjysalnuc_board_d54250wybcompute_stick_stk2m3w64ccnuc_board_nuc5i3mybenuc_7_essential_pc_nuc7cjysal_firmwarenuc_kit_nuc7i5bnhx1nuc_kit_nuc6i3syk_firmwarenuc_kit_nuc7i3dnhenuc_kit_nuc5i3ryk_firmwarenuc_board_nuc8cchb_firmwarenuc_kit_nuc7i5dnhe_firmwarenuc_kit_nuc8i7hnk_firmwarecompute_stick_stck1a8lfcnuc_8_home_pc_nuc8i3cysm_firmwarenuc_kit_d34010wykhnuc_kit_nuc7cjyhnuc_board_nuc5i5mybe_firmwarenuc_kit_d54250wykh_firmwarenuc_board_nuc7i5dnbenuc_kit_nuc5cpyhnuc_kit_nuc6caysnuc_board_nuc7i7dnbe_firmwarenuc_kit_nuc7i7bnh_firmwarenuc_kit_nuc7i3dnke_firmwarenuc_8_business_pc_nuc8i7hnkqc_firmwarenuc_8_enthusiast_pc_nuc8i7bekqanuc_kit_nuc6i5syhnuc_board_nuc7i3dnbenuc_kit_nuc5i3ryhnuc_kit_nuc6cayhnuc_kit_nuc5ppyhnuc_kit_nuc8i7bek_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_board_nuc7i5dnbe_firmwarenuc_board_d34010wyb_firmwarenuc_kit_nuc5i3ryhsn_firmwarenuc_kit_nuc5i7ryhnuc_kit_nuc5pgyh_firmwarenuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc5i5ryhsnuc_kit_nuc7i7bnhx1_firmwarenuc_kit_nuc5pgyhnuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc6i5syknuc_kit_nuc5i5ryhs_firmwarenuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7pjyh_firmwarenuc_7_enthusiast_pc_nuc7i7bnhxg_firmwarenuc_kit_nuc6i5syh_firmwarenuc_kit_nuc5cpyh_firmwarenuc_kit_nuc5ppyh_firmwarenuc_kit_d54250wykhcompute_stick_stck1a32wfc_firmwarenuc_kit_d34010wyk_firmwarenuc_kit_nuc6i7kyknuc_kit_nuc7i7dnhe_firmwarenuc_7_home_a_mini_pc_nuc7i5bnhxfnuc_kit_nuc5i5ryhnuc_kit_nuc6i3syknuc_board_de3815tybenuc_kit_d34010wykh_firmwarenuc_7_home_a_mini_pc_nuc7i5bnkpnuc_kit_nuc7i3dnkenuc_kit_nuc7i3bnhnuc_kit_nuc5i3ryhsnIntel(R) NUC Firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-4015
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2019 | 22:00
Updated-16 Sep, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-4523
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.21% / 43.75%
||
7 Day CHG~0.00%
Published-22 Oct, 2019 | 14:27
Updated-16 Sep, 2024 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481.

Action-Not Available
Vendor-opengroupIBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsunixdb2_high_performance_unload_loadlinux_kernelDb2 High Performance Unload load for LUWDB2 High Performance Unload load for LUW
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-4014
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.15% / 36.00%
||
7 Day CHG~0.00%
Published-03 Apr, 2019 | 13:50
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 155892.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2Db2
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-4016
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.92%
||
7 Day CHG~0.00%
Published-11 Mar, 2019 | 22:00
Updated-17 Sep, 2024 | 01:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-0969
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.87%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

Action-Not Available
Vendor-n/aOracle CorporationMicrosoft Corporation
Product-mysqlwindowsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-4204
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.11% / 30.13%
||
7 Day CHG~0.00%
Published-19 Feb, 2020 | 15:15
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixdb2windowslinux_kernelDB2 for Linux- UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-28963
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.04%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 19:20
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function.

Action-Not Available
Vendor-krylackn/aMicrosoft Corporation
Product-windowszip_password_recoveryn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-4701
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 21.99%
||
7 Day CHG~0.00%
Published-19 Nov, 2020 | 15:15
Updated-16 Sep, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-0367
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.15% / 77.62%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_ntwindows_2000n/aWindows
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-0124
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:07
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1230_v5core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_e3-1558l_v5core_i7-7660ucore_i7-6600ucore_i7-8706gxeon_e3-1565l_v5_firmwarexeon_e3-1565l_v5xeon_e3-1501l_v6_firmwarexeon_e-2236core_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_e-2236_firmwarexeon_e-2124g_firmwarecore_i7-9700kfxeon_e-2126g_firmwarexeon_e3-1240_v6xeon_e-2254me_firmwarecore_i7-8700core_i7-8665ue_firmwarexeon_e-2276me_firmwarexeon_e3-1220_v5_firmwarecore_i7-8705g_firmwarecore_i7-7700tcore_i7-8086kcore_i7-6600u_firmwarecore_i7-9700core_i7-6770hqcore_i7-8700kcore_i7-6650u_firmwarexeon_e3-1280_v5core_i9-9900kfxeon_e-2226gxeon_e3-1270_v6_firmwarexeon_e3-1285_v6_firmwarecore_i7-10510u_firmwarecore_i7-6822eqxeon_e-2276m_firmwarexeon_e-2134core_i7-6700tecore_i7-6567u_firmwarecore_i7-9700texeon_e3-1501l_v6xeon_e-2226g_firmwarecore_i7-7600uxeon_e3-1285_v6xeon_e-2224xeon_e-2186m_firmwarecore_i7-9700f_firmwarexeon_e3-1225_v6core_i7-8569u_firmwarecore_i7\+8700_firmwarexeon_e-2144g_firmwarecore_i7-10510yxeon_e3-1240l_v5xeon_e3-1225_v5_firmwarexeon_e3-1505l_v6xeon_e-2278gexeon_e-2134_firmwarecore_i7-7600u_firmwarecore_i7-7700hqxeon_e3-1240_v5_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e3-1245_v5core_i7-6870hqxeon_e3-1558l_v5_firmwarecore_i7-6970hqcore_i7-9700fxeon_e3-1505l_v6_firmwarexeon_e-2136xeon_e-2246gcore_i7-9700kcore_i7-10510ucore_i7-8500y_firmwarexeon_e3-1270_v5_firmwarecore_i7-8700b_firmwarexeon_e3-1275_v5_firmwarexeon_e3-1535m_v5core_i7-7700xeon_e3-1535m_v5_firmwarecore_i7-6820hq_firmwarecore_i7-7820hq_firmwarecore_i7-7920hqcore_i7-7920hq_firmwarexeon_e3-1575m_v5_firmwarexeon_e3-1268l_v5core_i9-9900ks_firmwarexeon_e-2254mlcore_i7-8700k_firmwarexeon_e3-1545m_v5xeon_e-2124_firmwarecore_i7-8700_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1501m_v6_firmwarexeon_e3-1240_v6_firmwarecore_i7-8750hxeon_e3-1501m_v6xeon_e3-1505m_v5_firmwarexeon_e-2226ge_firmwarexeon_e-2254ml_firmwarexeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_e3-1260l_v5xeon_e3-1270_v6xeon_e-2286mcore_i7-9850he_firmwarecore_i7-8557u_firmwarexeon_e3-1505m_v5core_i7-7820eq_firmwarexeon_e-2276gxeon_e-2186gxeon_e-2276mlxeon_e-2244gxeon_e-2174gcore_i9-9900kxeon_e-2176gcore_i7-8809gcore_i7-8709gcore_i7-8700bxeon_e3-1230_v6_firmwarecore_i7-7y75_firmwarecore_i7-8550u_firmwarecore_i7-7500u_firmwarexeon_e3-1275_v6_firmwarexeon_e3-1585_v5xeon_e3-1225_v6_firmwarecore_i7-6700k_firmwarecore_i7-7820hk_firmwarecore_i7-8557ucore_i9-9900kf_firmwarecore_i7-6560uxeon_e-2278ge_firmwarecore_i7-6820hk_firmwarecore_i7-8700txeon_e3-1280_v5_firmwarecore_i7-6820hqxeon_e3-1220_v6_firmwarecore_i7-9850hecore_i7-8650uxeon_e3-1535m_v6_firmwarexeon_e-2286m_firmwarecore_i7-6700tcore_i7-6920hqcore_i9-9900kscore_i7-9750h_firmwarexeon_e3-1230_v6xeon_e3-1585l_v5_firmwarecore_i7-6700_firmwarexeon_e3-1240l_v5_firmwarexeon_e-2234_firmwarecore_i7-8565u_firmwarecore_i7-6822eq_firmwarexeon_e-2224_firmwarecore_i7-9750hfxeon_e-2186g_firmwarexeon_e-2274gxeon_e-2124gxeon_e-2278gelxeon_e3-1280_v6xeon_e-2288gcore_i7-6700t_firmwarexeon_e-2234xeon_e3-1245_v5_firmwarecore_i7-8709g_firmwarecore_i7-6500ucore_i7-6500u_firmwarecore_i7-9850hcore_i7-6700kcore_i7-9700t_firmwarexeon_e3-1280_v6_firmwarexeon_e-2124core_i9-9880hcore_i7-6820eq_firmwarecore_i7-10710uxeon_e-2136_firmwarexeon_e-2276g_firmwarexeon_e3-1235l_v5_firmwarexeon_e-2276mecore_i7-8565uxeon_e-2274g_firmwarexeon_e-2126gcore_i7-7560ucore_i7-8706g_firmwarecore_i7-6920hq_firmwarecore_i7-9700tcore_i7-7820eqxeon_e3-1535m_v6core_i7-9850hlcore_i9-9900core_i7-10510y_firmwarexeon_e3-1220_v5core_i7-9850hl_firmwarecore_i7-8650u_firmwarexeon_e-2146g_firmwarexeon_e3-1220_v6core_i7-6785r_firmwarecore_i7-8850h_firmwarecore_i9-9900k_firmwarecore_i7-6700hq_firmwarecore_i7-6700hqcore_i7-7700k_firmwarecore_i7-9700kf_firmwarecore_i7-9850h_firmwarexeon_e-2186mcore_i7-7567u_firmwarecore_i7-9700exeon_e-2176mcore_i7-6970hq_firmwarecore_i7-6785rcore_i7-7700hq_firmwarecore_i7-6820hkcore_i7-6660u_firmwarexeon_e3-1230_v5_firmwarecore_i7-9750hf_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2278g_firmwarexeon_e-2276ml_firmwarexeon_e-2224gxeon_e-2286gxeon_e3-1268l_v5_firmwarecore_i7-6700te_firmwarexeon_e3-1275_v6xeon_e-2226gexeon_e-2244g_firmwarecore_i7-6650uxeon_e3-1575m_v5xeon_e-2278gxeon_e3-1505l_v5xeon_e3-1245_v6core_i7-8559u_firmwarecore_i7-8850hcore_i7-8086k_firmwarecore_i7-8665u_firmwarexeon_e-2176g_firmwarexeon_e3-1585_v5_firmwarecore_i7-6560u_firmwarecore_i7-6820eqcore_i7-8500ycore_i7-7567ucore_i9-9900tcore_i9-9900_firmwarexeon_e3-1505m_v6_firmwarexeon_e3-1545m_v5_firmwarecore_i7-9700e_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-7660u_firmwarecore_i7-7820hqxeon_e3-1585l_v5core_i7-8750h_firmwarexeon_e3-1275_v5core_i7-8665uecore_i7-9700k_firmwarecore_i7-8809g_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_e-2246g_firmwarecore_i7-6567uxeon_e-2176m_firmwarexeon_e-2174g_firmwarexeon_e3-1515m_v5xeon_e3-1505l_v5_firmwarexeon_e3-1225_v5core_i7-6870hq_firmwarexeon_e-2278gel_firmwarexeon_e-2144gxeon_e3-1245_v6_firmwarexeon_e3-1515m_v5_firmwarecore_i7-8569ucore_i7-9700te_firmwarecore_i7-7700_firmwarecore_i7-6770hq_firmwarexeon_e-2254mecore_i7-9750hcore_i7-7y75core_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i7-6700xeon_e3-1505m_v6core_i9-9980hkcore_i7-8559ucore_i9-9900t_firmwarecore_i7-9700_firmwarexeon_e-2146gxeon_e-2224g_firmwarexeon_e3-1578l_v5_firmware2019.2 IPU – Intel(R) SGX and TXT
CVE-2019-0808
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-52.29% / 97.83%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 02:31
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2008Windows ServerWindowsWin32k
CVE-2021-38630
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.47%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 11:23
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Event Tracing Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 8.1Windows 7Windows Server version 20H2Windows 10 Version 1909Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
CVE-2002-0051
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.24% / 78.38%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CWE ID-CWE-667
Improper Locking
CVE-2019-0543
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.52% / 87.18%
||
7 Day CHG~0.00%
Published-08 Jan, 2019 | 21:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-05||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_8.1windows_server_2008windows_10_1703windows_10_1803windows_10_1507windows_rt_8.1windows_server_1709windows_10_1809windows_server_2012windows_server_1803windows_server_2019windows_10_1709windows_10_1607windows_7windows_server_2016n/aWindows
CWE ID-CWE-287
Improper Authentication
CVE-2019-0159
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.38% / 58.46%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:13
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersLinux Administrative Tools for Intel(R) Network Adapters
CVE-2019-0128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.16%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Chipset Device Software (INF Update Utility) before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-chipset_device_softwareIntel(R) Chipset Device Software (INF Update Utility) Advisory
CWE ID-CWE-264
Not Available
CVE-2019-0123
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.13%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:07
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1230_v5core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_e3-1558l_v5core_i7-7660ucore_i7-6600ucore_i7-8706gxeon_e3-1565l_v5_firmwarexeon_e3-1565l_v5xeon_e3-1501l_v6_firmwarexeon_e-2236core_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_e-2236_firmwarexeon_e-2124g_firmwarecore_i7-9700kfxeon_e-2126g_firmwarexeon_e3-1240_v6xeon_e-2254me_firmwarecore_i7-8700core_i7-8665ue_firmwarexeon_e-2276me_firmwarexeon_e3-1220_v5_firmwarecore_i7-8705g_firmwarecore_i7-7700tcore_i7-8086kcore_i7-6600u_firmwarecore_i7-9700core_i7-6770hqcore_i7-8700kcore_i7-6650u_firmwarexeon_e3-1280_v5core_i9-9900kfxeon_e-2226gxeon_e3-1270_v6_firmwarexeon_e3-1285_v6_firmwarecore_i7-10510u_firmwarecore_i7-6822eqxeon_e-2276m_firmwarexeon_e-2134core_i7-6700tecore_i7-6567u_firmwarecore_i7-9700texeon_e3-1501l_v6xeon_e-2226g_firmwarecore_i7-7600uxeon_e3-1285_v6xeon_e-2224xeon_e-2186m_firmwarecore_i7-9700f_firmwarexeon_e3-1225_v6core_i7-8569u_firmwarecore_i7\+8700_firmwarexeon_e-2144g_firmwarecore_i7-10510yxeon_e3-1240l_v5xeon_e3-1225_v5_firmwarexeon_e3-1505l_v6xeon_e-2278gexeon_e-2134_firmwarecore_i7-7600u_firmwarecore_i7-7700hqxeon_e3-1240_v5_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e3-1245_v5core_i7-6870hqxeon_e3-1558l_v5_firmwarecore_i7-6970hqcore_i7-9700fxeon_e3-1505l_v6_firmwarexeon_e-2136xeon_e-2246gcore_i7-9700kcore_i7-10510ucore_i7-8500y_firmwarexeon_e3-1270_v5_firmwarecore_i7-8700b_firmwarexeon_e3-1275_v5_firmwarexeon_e3-1535m_v5core_i7-7700xeon_e3-1535m_v5_firmwarecore_i7-6820hq_firmwarecore_i7-7820hq_firmwarecore_i7-7920hqcore_i7-7920hq_firmwarexeon_e3-1575m_v5_firmwarexeon_e3-1268l_v5core_i9-9900ks_firmwarexeon_e-2254mlcore_i7-8700k_firmwarexeon_e3-1545m_v5xeon_e-2124_firmwarecore_i7-8700_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1501m_v6_firmwarexeon_e3-1240_v6_firmwarecore_i7-8750hxeon_e3-1501m_v6xeon_e3-1505m_v5_firmwarexeon_e-2226ge_firmwarexeon_e-2254ml_firmwarexeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_e3-1260l_v5xeon_e3-1270_v6xeon_e-2286mcore_i7-9850he_firmwarecore_i7-8557u_firmwarexeon_e3-1505m_v5core_i7-7820eq_firmwarexeon_e-2276gxeon_e-2186gxeon_e-2276mlxeon_e-2244gxeon_e-2174gcore_i9-9900kxeon_e-2176gcore_i7-8809gcore_i7-8709gcore_i7-8700bxeon_e3-1230_v6_firmwarecore_i7-7y75_firmwarecore_i7-8550u_firmwarecore_i7-7500u_firmwarexeon_e3-1275_v6_firmwarexeon_e3-1585_v5xeon_e3-1225_v6_firmwarecore_i7-6700k_firmwarecore_i7-7820hk_firmwarecore_i7-8557ucore_i9-9900kf_firmwarecore_i7-6560uxeon_e-2278ge_firmwarecore_i7-6820hk_firmwarecore_i7-8700txeon_e3-1280_v5_firmwarecore_i7-6820hqxeon_e3-1220_v6_firmwarecore_i7-9850hecore_i7-8650uxeon_e3-1535m_v6_firmwarexeon_e-2286m_firmwarecore_i7-6700tcore_i7-6920hqcore_i9-9900kscore_i7-9750h_firmwarexeon_e3-1230_v6xeon_e3-1585l_v5_firmwarecore_i7-6700_firmwarexeon_e3-1240l_v5_firmwarexeon_e-2234_firmwarecore_i7-8565u_firmwarecore_i7-6822eq_firmwarexeon_e-2224_firmwarecore_i7-9750hfxeon_e-2186g_firmwarexeon_e-2274gxeon_e-2124gxeon_e-2278gelxeon_e3-1280_v6xeon_e-2288gcore_i7-6700t_firmwarexeon_e-2234xeon_e3-1245_v5_firmwarecore_i7-8709g_firmwarecore_i7-6500ucore_i7-6500u_firmwarecore_i7-9850hcore_i7-6700kcore_i7-9700t_firmwarexeon_e3-1280_v6_firmwarexeon_e-2124core_i9-9880hcore_i7-6820eq_firmwarecore_i7-10710uxeon_e-2136_firmwarexeon_e-2276g_firmwarexeon_e3-1235l_v5_firmwarexeon_e-2276mecore_i7-8565uxeon_e-2274g_firmwarexeon_e-2126gcore_i7-7560ucore_i7-8706g_firmwarecore_i7-6920hq_firmwarecore_i7-9700tcore_i7-7820eqxeon_e3-1535m_v6core_i7-9850hlcore_i9-9900core_i7-10510y_firmwarexeon_e3-1220_v5core_i7-9850hl_firmwarecore_i7-8650u_firmwarexeon_e-2146g_firmwarexeon_e3-1220_v6core_i7-6785r_firmwarecore_i7-8850h_firmwarecore_i9-9900k_firmwarecore_i7-6700hq_firmwarecore_i7-6700hqcore_i7-7700k_firmwarecore_i7-9700kf_firmwarecore_i7-9850h_firmwarexeon_e-2186mcore_i7-7567u_firmwarecore_i7-9700exeon_e-2176mcore_i7-6970hq_firmwarecore_i7-6785rcore_i7-7700hq_firmwarecore_i7-6820hkcore_i7-6660u_firmwarexeon_e3-1230_v5_firmwarecore_i7-9750hf_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2278g_firmwarexeon_e-2276ml_firmwarexeon_e-2224gxeon_e-2286gxeon_e3-1268l_v5_firmwarecore_i7-6700te_firmwarexeon_e3-1275_v6xeon_e-2226gexeon_e-2244g_firmwarecore_i7-6650uxeon_e3-1575m_v5xeon_e-2278gxeon_e3-1505l_v5xeon_e3-1245_v6core_i7-8559u_firmwarecore_i7-8850hcore_i7-8086k_firmwarecore_i7-8665u_firmwarexeon_e-2176g_firmwarexeon_e3-1585_v5_firmwarecore_i7-6560u_firmwarecore_i7-6820eqcore_i7-8500ycore_i7-7567ucore_i9-9900tcore_i9-9900_firmwarexeon_e3-1505m_v6_firmwarexeon_e3-1545m_v5_firmwarecore_i7-9700e_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-7660u_firmwarecore_i7-7820hqxeon_e3-1585l_v5core_i7-8750h_firmwarexeon_e3-1275_v5core_i7-8665uecore_i7-9700k_firmwarecore_i7-8809g_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_e-2246g_firmwarecore_i7-6567uxeon_e-2176m_firmwarexeon_e-2174g_firmwarexeon_e3-1515m_v5xeon_e3-1505l_v5_firmwarexeon_e3-1225_v5core_i7-6870hq_firmwarexeon_e-2278gel_firmwarexeon_e-2144gxeon_e3-1245_v6_firmwarexeon_e3-1515m_v5_firmwarecore_i7-8569ucore_i7-9700te_firmwarecore_i7-7700_firmwarecore_i7-6770hq_firmwarexeon_e-2254mecore_i7-9750hcore_i7-7y75core_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i7-6700xeon_e3-1505m_v6core_i9-9980hkcore_i7-8559ucore_i9-9900t_firmwarecore_i7-9700_firmwarexeon_e-2146gxeon_e-2224g_firmwarexeon_e3-1578l_v5_firmware2019.2 IPU – Intel(R) SGX and TXT
CVE-2001-1238
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.80% / 73.06%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CWE ID-CWE-178
Improper Handling of Case Sensitivity
CVE-2010-2554
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.44% / 87.02%
||
7 Day CHG~0.00%
Published-11 Aug, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_server_2008windows_vistan/a
CVE-2023-20562
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-8.43% / 91.96%
||
7 Day CHG+2.17%
Published-08 Aug, 2023 | 17:13
Updated-10 Oct, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-windowsamd_uproflinux_kernelμProfuprof_tool
CVE-2019-0134
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.77%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:13
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dynamic_platform_and_thermal_frameworkIntel(R) Dynamic Platform and Thermal Framework
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-38648
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-25.85% / 96.05%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 11:24
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Open Management Infrastructure Elevation of Privilege Vulnerability

Open Management Infrastructure Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_security_centercontainer_monitoring_solutionlog_analytics_agentazure_stack_hubazure_sentinelazure_automation_state_configurationazure_automation_update_managementazure_open_management_infrastructuresystem_center_operations_managerazure_diagnostics_\(lad\)Log Analytics AgentAzure Diagnostics (LAD)Azure Automation State Configuration, DSC ExtensionAzure Security CenterAzure SentinelAzure Stack HubAzure Automation Update ManagementSystem Center Operations Manager (SCOM)Open Management InfrastructureContainer Monitoring SolutionOpen Management Infrastructure (OMI)
CVE-2018-8589
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-4.18% / 88.24%
||
7 Day CHG-0.74%
Published-14 Nov, 2018 | 01:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-13||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2008Windows 7Windows Server 2008Windows Server 2008 R2Win32k
CVE-2018-8611
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-6.41% / 90.64%
||
7 Day CHG~0.00%
Published-12 Dec, 2018 | 00:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-14||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2008windows_7windows_8.1windows_rt_8.1windows_10windows_server_2012windows_server_2019Windows Server 2016Windows Server 2008 R2Windows 7Windows RT 8.1Windows 8.1Windows Server 2012Windows 10Windows Server 2019Windows 10 ServersWindows Server 2012 R2Windows Server 2008Windows
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2010-1889
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.94% / 75.33%
||
7 Day CHG~0.00%
Published-11 Aug, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2008windows_vistan/a
CVE-2019-0135
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.99%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access. L-SA-00206

Action-Not Available
Vendor-n/aLenovo Group LimitedIntel Corporation
Product-thinkstation_p520_firmwarethinkstation_p520thinkstation_p720_firmwarethinkstation_p720thinkstation_p520c_firmwarerapid_storage_technology_enterprisethinkstation_p520cthinkstation_p920thinkstation_p920_firmwareIntel(R) Accelerated Storage Manager in RSTe Advisory
CWE ID-CWE-264
Not Available
CVE-2020-16890
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.74% / 72.05%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 22:17
Updated-04 Aug, 2024 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

<p>An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10Windows 10 Version 2004Windows Server version 2004Windows 10 Version 1803Windows Server 2019 (Server Core installation)Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1809Windows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server 2019Windows 10 Version 1709Windows 10 Version 1909Windows Server, version 1903 (Server Core installation)Windows 10 Version 1709 for 32-bit Systems
CVE-2011-0676
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.92% / 75.01%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 20:07
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_server_2008windows_server_2003windows_2003_serverwindows_vistan/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-38645
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-24.64% / 95.92%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 11:24
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Open Management Infrastructure Elevation of Privilege Vulnerability

Open Management Infrastructure Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_automation_state_configurationazure_diagnostics_\(lad\)system_center_operations_managerazure_stack_hubcontainer_monitoring_solutionazure_automation_update_managementazure_open_management_infrastructureazure_sentinelazure_security_centerlog_analytics_agentLog Analytics AgentAzure Diagnostics (LAD)Azure Automation State Configuration, DSC ExtensionAzure Security CenterAzure SentinelAzure Stack HubAzure Automation Update ManagementSystem Center Operations Manager (SCOM)Open Management InfrastructureContainer Monitoring SolutionOpen Management Infrastructure (OMI)
CVE-2019-0797
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.03% / 86.09%
||
7 Day CHG-0.08%
Published-09 Apr, 2019 | 02:34
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_8.1windows_rt_8.1windows_10windows_server_2012windows_server_2019Windows ServerWindowsWin32k
CVE-2019-0803
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-85.07% / 99.30%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 20:15
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_8.1windows_server_2008windows_rt_8.1windows_10windows_server_2012windows_server_2019windows_7windows_server_2016Windows ServerWindowsWin32k
CVE-2010-0485
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.97% / 75.62%
||
7 Day CHG~0.00%
Published-08 Jun, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_server_2008windows_2000windows_2003_serverwindows_vistan/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-1484
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 59.81%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 19:13
Updated-04 Aug, 2024 | 06:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Work Folders Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows Work Folders Service handles memory.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows 8.1Windows 7Windows 10 Version 1709Windows 10 Version 1909Windows 7 Service Pack 1Windows Server 2016Windows 10 Version 2004Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows 10 Version 1803Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server, version 1909 (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1709 for 32-bit Systems
CVE-2019-0155
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.03%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:42
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.Intel Corporation
Product-enterprise_linux_server_euspentium_gold_g4600pentium_silver_n5000_firmwareenterprise_linux_server_auscore_i3-9100_firmwarexeon_e3-1558l_v5celeron_j1900_firmwarecore_i5-1035g7xeon_e3-1501l_v6_firmwarecore_i3-8350k_firmwarecore_i3-9350k_firmwarepentium_gold_g5420xeon_e-2124g_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarepentium_gold_g5420t_firmwarexeon_e-2254me_firmwarecore_i5-8400hceleron_j1850core_m-5y71_firmwarexeon_e-2276me_firmwarepentium_gold_g5420_firmwarecore_i5-7y54pentium_d1509_firmwareceleron_n2815core_i7-9700core_i7-6650u_firmwarexeon_e-2226gpentium_gold_g5400tpentium_gold_g4560_firmwarecore_i7-5500u_firmwarecore_i5-1035g4core_i3-8145uceleron_n3000_firmwarexeon_e-2276m_firmwarecore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i9-9940x_firmwarecore_i7-6700tecore_i7-6567u_firmwarexeon_e3-1501l_v6core_i3-8109ucore_i9-7920xcore_i7-7600uxeon_e-2224xeon_e-2186m_firmwarecore_i5-7y57_firmwarecore_i3-7300core_i9-7940x_firmwarecore_i5-8269u_firmwarexeon_e3-1505l_v6xeon_e-2278gegraphics_drivercore_i5-6287u_firmwarexeon_e-2134_firmwarecore_i5-5350h_firmwarepentium_g4560tcore_m5-6y54celeron_n3150celeron_n4100celeron_n3060core_i7-7600u_firmwarecore_i5-8400bcore_i3-9300t_firmwarecore_i5-5250ucore_i7-10710u_firmwarecore_i7-7820hkpentium_d1517core_i5-9500_firmwarecore_i7-5850hqcore_m-5y10ccore_i9-9940xpentium_gold_g5620xeon_e3-1558l_v5_firmwarecore_i5-8400h_firmwareceleron_n4120core_i7-6970hqcore_i5-8600celeron_g3930texeon_e-2136core_i7-10510ucore_i7-9700kcore_i5-9400_firmwareceleron_n2840pentium_g4600t_firmwarecore_i7-8500y_firmwareceleron_g4930e_firmwarecore_i3-8100celeron_n2930celeron_n2840_firmwarecore_m7-6y75pentium_n3540_firmwareceleron_g4900tcore_i3-7300_firmwarecore_m3-6y30core_m-5y31_firmwarexeon_e3-1535m_v5core_i5-7287u_firmwarecore_i7-7700core_m-5y10celeron_g3900te_firmwarecore_i7-7820hq_firmwarecore_i7-5950hq_firmwarecore_i7-7920hq_firmwareceleron_g4932epentium_d1517_firmwarecore_i5-8600kxeon_e3-1575m_v5_firmwarecore_i7-8700k_firmwarecore_i7-5750hq_firmwarexeon_e-2124_firmwarecore_i7-8700_firmwarecore_i7-8750hcore_i7-5700hq_firmwareceleron_g3900_firmwarecore_i5-8365uxeon_e3-1501m_v6celeron_j3060core_i9-9960x_firmwarexeon_e3-1505m_v5_firmwarexeon_e-2226ge_firmwarecore_i5-8500b_firmwareceleron_n3160core_i3-7100u_firmwareceleron_g4930core_i5-7600core_i3-6100h_firmwarecore_i9-7940xcore_i9-9960xxeon_e-2286mxeon_e3-1505m_v5pentium_gold_g4600_firmwarepentium_n3540pentium_3560mcore_i7-5650uxeon_e-2276gcore_i3-8300xeon_e-2186gcore_i5-7400tcore_i7-5557u_firmwarecore_i5-7267u_firmwarecore_i3-5005ucore_i3-5020uxeon_e-2174gcore_i3-7100core_i7-8809gceleron_j4105celeron_g4932e_firmwarecore_i5-7260ucore_i7-8700bcore_i5-5257ucore_m-5y70core_i7-7500u_firmwareceleron_j1800core_i3-9130u_firmwarecore_i5-7267ucore_i7-7800xcore_i5\+8500core_i5-5300ucore_m-5y10a_firmwarexeon_e3-1585_v5core_i5-10210ycore_i7-7820hk_firmwarecore_i7-6560ucore_i5-9400tceleron_j3355core_i5-10210u_firmwarecore_i7-5550u_firmwarecore_i5-8300hcore_i5-8600t_firmwareatom_x7-e3950core_i3-10110ycore_i3-7300t_firmwarexeon_e3-1535m_v6_firmwareceleron_j3355ecore_i7-5600uceleron_g4930epentium_gold_4410ycore_i9-9900kscore_i5-9600celeron_j4125_firmwarepentium_gold_g5500tpentium_g4400_firmwarexeon_e3-1585l_v5_firmwarepentium_3805u_firmwarepentium_3805ucore_i5-7300u_firmwarecore_i5-8600_firmwarexeon_e-2224_firmwareceleron_n3350core_i5-9300h_firmwarecore_i3-6167uceleron_g4920xeon_e-2274gcore_i5-9500core_i3-9320_firmwarepentium_silver_j5005xeon_e-2278gelcore_i5-8400b_firmwarecore_i5-5200ucore_i7-6700t_firmwarecore_i3-8100_firmwareceleron_n2807core_i7-6500upentium_j3710core_i7-6500u_firmwareceleron_g3902exeon_e-2124core_i9-9880hcore_i7-10710ucore_i5-7287ucore_i5-8500t_firmwarecore_i3-7100h_firmwareatom_x5-e3930_firmwarecore_i5-8300h_firmwarexeon_e-2136_firmwarepentium_n3530xeon_e-2276g_firmwarecore_i5-6300upentium_gold_g4560xeon_e-2276mecore_i7-8565uceleron_n3350_firmwarecore_i9-9980xe_firmwarecore_i5-7300hq_firmwarecore_i3-5015u_firmwarexeon_e-2274g_firmwareceleron_n2820core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560upentium_gold_g5420tcore_i3-6100hcore_i5-7400t_firmwarecore_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259upentium_gold_4415y_firmwarexeon_e3-1535m_v6core_i9-9900celeron_j3355e_firmwarecore_i7-10510y_firmwarecore_i5-5257u_firmwareceleron_n2806pentium_gold_g5500atom_x5-e3940xeon_e-2146g_firmwarecore_i7-5850hq_firmwarecore_i7-8850h_firmwarecore_m7-6y75_firmwarecore_i7-6700hqcore_i3-9130ucore_i9-7900x_firmwarecore_i7-7800x_firmwarecore_i7-9850h_firmwarecore_i5-6350hqpentium_d1519core_i3-7100_firmwarecore_i5-7600tcore_i7-6660u_firmwareenterprise_linux_server_tuscore_i5-6350hq_firmwarexeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2276ml_firmwareubuntu_linuxceleron_n3010xeon_e-2224gcore_i3-9100tceleron_j4025pentium_j4205xeon_e-2226gecore_i7-6650ucore_i9-9900x_firmwarecore_m-5y71core_i5-9300hcore_i3-7167u_firmwarecore_i7-8559u_firmwarecore_i9-10920x_firmwarecore_i7-8086k_firmwarecore_i5-1035g1_firmwarecore_i7-8665u_firmwarecore_i3-7167uxeon_e3-1585_v5_firmwarexeon_e-2176g_firmwarecore_i7-8500ycore_i5-9400hcore_i7-7567ucore_i9-9900tcore_i7-5557uceleron_g3900e_firmwarecore_i3-8145u_firmwarepentium_4405u_firmwareceleron_n3160_firmwarecore_i7-7660u_firmwarecore_i7-7820hqceleron_n2820_firmwarecore_i5-6260u_firmwarexeon_e3-1585l_v5core_i7-8750h_firmwarecore_i3-5010u_firmwarecore_i3-7300tatom_x7-e3950_firmwarecore_i5-7400_firmwarecore_i3-8300t_firmwarecore_i3-8109u_firmwareceleron_n3060_firmwareceleron_n3010_firmwarecore_i7-9700k_firmwarecore_i9-10980xe_firmwarepentium_a1020xeon_e-2288g_firmwareceleron_n4000celeron_n2830core_i5-7y54_firmwarexeon_e-2246g_firmwarepentium_4405y_firmwarecore_i7-6567uxeon_e-2176m_firmwarecore_i7-5775cxeon_e-2174g_firmwareceleron_n3450xeon_e3-1515m_v5core_i9-7900xceleron_n2805_firmwarecore_i9-8950hk_firmwarecore_i5-8500celeron_g3930_firmwarecore_i7-6870hq_firmwarecore_i5-7600_firmwarexeon_e3-1515m_v5_firmwareceleron_n2810core_i5-6267u_firmwarepentium_d1519_firmwareceleron_n2808_firmwarecore_i5-8265ucore_i5-6300hqxeon_e-2254mecore_i7-9750hcore_i5-6440hqcore_i7-7y75core_i3-5157u_firmwarepentium_gold_g5400t_firmwarepentium_gold_4410y_firmwarecore_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i7-6700core_i3-5005u_firmwarecore_i5-7y57celeron_g3920_firmwarecore_i3-8350kcore_i5-7500tpentium_silver_j5040xeon_e3-1505m_v6core_i5-9600k_firmwarecore_i9-9900t_firmwarecore_i3-9100pentium_gold_g5500_firmwarexeon_e-2224g_firmwarepentium_gold_g5600xeon_e3-1578l_v5_firmwareceleron_j4125celeron_g4950_firmwarecore_i9-7920x_firmwarecore_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uceleron_j1750celeron_n2940_firmwarecore_i3-8300tcore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i7-8706gpentium_g4600txeon_e3-1565l_v5_firmwarepentium_gold_g5620_firmwarepentium_d1508_firmwarexeon_e3-1565l_v5xeon_e-2236core_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_e-2236_firmwarepentium_gold_4415u_firmwarexeon_e-2126g_firmwarecore_i9-7960x_firmwarecore_i7-8700core_i5-8259u_firmwarepentium_j3710_firmwareceleron_g3950core_i5-8400core_i7-8705g_firmwarepentium_3825u_firmwarecore_i3-7100tcore_i7-7700tceleron_n2930_firmwarecore_i7-8086kcore_i5-10210ucore_i5-7260u_firmwarepentium_gold_g5500t_firmwarecore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqcore_i7-8700kcore_m-5y10aceleron_n2940celeron_n2830_firmwarecore_i5-7200u_firmwarecore_i5-8600k_firmwarecore_i7-10510u_firmwarexeon_e-2134celeron_j3455core_i5-5350hxeon_e-2226g_firmwareceleron_n2807_firmwarepentium_d1509core_i5-10310y_firmwarecore_i7\+8700_firmwarexeon_e-2144g_firmwarecore_i7-10510ypentium_g4560t_firmwareceleron_j3160core_i5-7360u_firmwarecore_i3-10110uceleron_n3150_firmwarecore_i9-7960xcore_i5-9600kcore_i7-7820xceleron_g3900core_i5-5287u_firmwarecore_i7-7700hqcore_i9-7980xeceleron_g4900t_firmwarecore_i3-9100t_firmwarecore_i7-6870hqpentium_gold_4415ycore_i5-8350uceleron_n3050_firmwarecore_i3-1005g1_firmwareceleron_n4000_firmwarecore_i5-7300ucore_i5-6440hq_firmwarecore_m3-6y30_firmwarexeon_e3-1505l_v6_firmwareceleron_j3455_firmwareceleron_g3930core_i7-5600u_firmwarecore_i5-8500tceleron_g3930t_firmwarexeon_e-2246gcore_i5-7500celeron_n2806_firmwareceleron_n2910pentium_3825uceleron_j1800_firmwarecore_i5\+8400_firmwarecore_i5-5200u_firmwarecore_i5-7200ucore_i5-8350u_firmwarecore_i7-8700b_firmwareceleron_g3930ecore_i9-8950hkxeon_e3-1535m_v5_firmwarepentium_4405ucore_i7-6820hq_firmwarecore_i7-7920hqpentium_gold_g5600_firmwarecore_i9-9900ks_firmwarexeon_e-2254mlxeon_e3-1545m_v5core_i5-8400tcore_i3-9300_firmwarecore_i3-5015uceleron_g3930tpentium_d1508pentium_d1507_firmwarexeon_e3-1501m_v6_firmwarecore_i3-6100_firmwarecore_i9-10920xcore_m-5y51xeon_e-2254ml_firmwareceleron_j4105_firmwarexeon_e3-1578l_v5core_i7-6660ucore_i3-7350k_firmwarecore_i7-5775c_firmwarecore_i7-5500uceleron_g4920_firmwarepentium_3560m_firmwarepentium_silver_n5000core_i5-6500_firmwarecore_i3-7100hcore_i3-9300xeon_e-2276mlceleron_n3350e_firmwarexeon_e-2244gcore_i5\+8400core_i9-9900kxeon_e-2176gpentium_gold_g5400_firmwarecore_i7-8709gcore_i3-5020u_firmwarecore_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarepentium_silver_j5040_firmwareceleron_j4025_firmwareceleron_j1900core_i5-9400core_i9-9920xcore_i3-8100tcore_m3-8100y_firmwarecore_i7-5950hqcore_i5-6260ucore_i7-5650u_firmwarecore_i7-5550uatom_x5-e3930celeron_g4930_firmwarecore_i5-9500txeon_e-2278ge_firmwarecore_i5-7500t_firmwarecore_i7-6820hk_firmwarecore_i7-8700tcore_i7-6820hqceleron_g4930t_firmwarecore_i5-7400core_i7-8650uceleron_n2810_firmwarecore_m3-7y30_firmwarecore_i3-7320xeon_e-2286m_firmwarecore_i7-6700tcore_i7-6920hqcore_i7-9750h_firmwarecore_i3-6167u_firmwarepentium_gold_g4620_firmwarecore_i3-6100uceleron_j1850_firmwarepentium_gold_4415ucore_i7-6700_firmwarexeon_e-2234_firmwarecore_i5-1035g1pentium_silver_n5030core_i5-5250u_firmwarecore_i7-8565u_firmwarexeon_e-2186g_firmwareceleron_n2920_firmwarecore_i5-1035g4_firmwarecore_i3-10110y_firmwarecore_i5-8500bcore_i5-7600t_firmwarexeon_e-2124gceleron_n3050core_i5-8269ucore_i9-7980xe_firmwarecore_i5-7440hq_firmwarecore_i5-6300hq_firmwarexeon_e-2288gceleron_n3000core_m-5y10_firmwarexeon_e-2234core_i7-8709g_firmwareceleron_g3930e_firmwarepentium_a1020_firmwarecore_i7-9850hcore_i7-9700t_firmwareatom_x5-e3940_firmwareceleron_n4100_firmwarepentium_silver_j5005_firmwarecore_i7-7820x_firmwareceleron_g3900tpentium_d1507celeron_g3920core_i3-7100ucore_i5-10210y_firmwarecore_i5-5287ucore_i3-7350kcore_m-5y51_firmwarecore_i5-7600kcore_m5-6y57core_i5-8250uxeon_e-2126gcore_i7-6920hq_firmwarecore_i7-9700tcore_i3-7100t_firmwarecore_i5-7360uceleron_n3450_firmwarecore_i5-6500celeron_n2805core_i7-8650u_firmwareceleron_j1750_firmwarecore_i3-5157upentium_n3530_firmwarecore_i5-6200ucore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_i7-6700hq_firmwarecore_m-5y70_firmwarecore_m3-8100ycore_i5-8250u_firmwarexeon_e-2186mcore_i7-7567u_firmwarecore_m-5y10c_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarepentium_gold_g4620celeron_n4120_firmwareceleron_g3902e_firmwarexeon_e-2176mcore_i7-6970hq_firmwarecore_i7-7700hq_firmwareceleron_n3350ecore_i7-6820hkpentium_g4400core_i9-9900xcore_i5-10310ycore_i5-8400t_firmwarexeon_e-2286gcore_i5-8365u_firmwareceleron_n2808core_i7-6700te_firmwarecore_i3-9300txeon_e-2244g_firmwarexeon_e3-1575m_v5core_i5-6360u_firmwarepentium_silver_n5030_firmwarexeon_e-2278gxeon_e3-1505l_v5core_i9-9980xeceleron_j3160_firmwarecore_i7-8850hceleron_j4005_firmwarecore_i5-8265u_firmwareceleron_j3060_firmwarecore_i5-5350ucore_i9-10900x_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwareceleron_g4930tceleron_n2920core_i9-9900_firmwarecore_i7-1065g7_firmwarexeon_e3-1505m_v6_firmwarecore_i9-10900xceleron_g3930te_firmwarexeon_e3-1545m_v5_firmwareceleron_n2815_firmwarecore_i5\+8500_firmwarecore_i7\+8700core_i9-10980xecore_i7-5700hqpentium_j4205_firmwarecore_m3-7y30core_i3-9350kcore_i5-8500_firmwareceleron_n4020_firmwarecore_i5-5300u_firmwarecore_i5-6300u_firmwarecore_i7-8809g_firmwareceleron_g4950core_i7-7700t_firmwarecore_i9-9980hk_firmwarepentium_4405ycore_i5-9400h_firmwareceleron_g4900core_i3-5010ucore_i5-8200ypentium_gold_g5400celeron_g3900t_firmwarecore_i3-6100xeon_e3-1505l_v5_firmwarecore_i3-10110u_firmwareceleron_n4020celeron_g4900_firmwarecore_i5-7440hqcore_i5-5350u_firmwarecore_i5-6360ucore_m5-6y54_firmwarexeon_e-2278gel_firmwarexeon_e-2144gcore_i5-9500t_firmwarecore_m5-6y57_firmwareceleron_g3900ecore_i7-7700_firmwarecore_i7-6770hq_firmwareceleron_g3950_firmwarecore_i7-5750hqcore_i5-6267uceleron_g3900teceleron_j3355_firmwarecore_i3-1005g1celeron_j4005core_i5-9600tcore_m-5y31core_i3-9320core_i9-9920x_firmwarecore_i5-8600tcore_i7-1065g7core_i5-9400t_firmwarecore_i9-9980hkcore_i5-8305gcore_i7-8559uceleron_n2910_firmwarecore_i7-9700_firmwarexeon_e-2146g2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CVE-2010-0232
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-73.26% / 98.74%
||
7 Day CHG~0.00%
Published-21 Jan, 2010 | 19:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_xpwindows_2000n/aWindows
CVE-2016-15003
Matching Score-8
Assigner-VulDB
ShareView Details
Matching Score-8
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.65% / 69.94%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 08:35
Updated-15 Apr, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FileZilla Client Installer uninstall.exe unquoted search path

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-filezilla-projectFileZillaMicrosoft Corporation
Product-filezilla_clientwindowsClient
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-29052
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.74% / 71.90%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 17:01
Updated-27 Aug, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Storage Elevation of Privilege Vulnerability

Windows Storage Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_server_2022_23h2windows_11_22h2windows_11_21h2windows_10_22h2windows_server_2022windows_11_23h2Windows 11 Version 23H2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-49761
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.69%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:09
Updated-27 Aug, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1607windows_11_23h2windows_10_22h2windows_server_2008windows_server_2019windows_10_1507windows_server_2022windows_server_2022_23h2windows_10_1809windows_10_21h2windows_server_2016windows_server_2025windows_11_24h2windows_11_22h2windows_server_2012Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2025Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 11 Version 24H2Windows 10 Version 1507Windows 10 Version 22H2Windows Server 2016Windows Server 2019Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1Windows Server 2022Windows Server 2025 (Server Core installation)Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 R2Windows 10 Version 1607
CWE ID-CWE-416
Use After Free
CVE-2020-12962
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-15 Nov, 2021 | 19:42
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escape call interface in the AMD Graphics Driver for Windows may cause privilege escalation.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-windowsradeon_softwareAMD Radeon Software
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 52
  • 53
  • Next
Details not found