Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-39411

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2023 | 19:04
Updated At-30 Aug, 2024 | 16:08
Rejected At-
Credits

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2023 | 19:04
Updated At:30 Aug, 2024 | 16:08
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Affected Products
Vendor
n/a
Product
Intel Unison software
Default Status
unaffected
Versions
Affected
  • See references
Problem Types
TypeCWE IDDescription
N/AN/Adenial of service
CWECWE-20Improper input validationation
Type: N/A
CWE ID: N/A
Description: denial of service
Type: CWE
CWE ID: CWE-20
Description: Improper input validationation
Metrics
VersionBase scoreBase severityVector
3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2023 | 19:15
Updated At:17 Nov, 2023 | 04:12

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Secondary3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
CPE Matches
Intel Corporation
intel
>>unison_software>>Versions before 20.14.5683.0(exclusive)
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>unison_software>>Versions before 20.14.4244(exclusive)
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>unison_software>>Versions before 20.14.2.3053(exclusive)
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>-
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondarysecure@intel.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3035Records found
CVE-2023-25772
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 17.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:40
Updated-24 Jan, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-retail_edge_programIntel(R) Retail Edge Mobile Android application
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0165
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.13% / 32.58%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20560
Matching Score-10
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-10
Assigner-Advanced Micro Devices Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.81%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 21:08
Updated-08 Oct, 2024 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-ryzen_master_monitoring_sdkwindows_11ryzen_masterwindows_10Ryzen™ Master
CWE ID-CWE-20
Improper Input Validation
CVE-2022-47353
Matching Score-10
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-10
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.35%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 01:16
Updated-27 Oct, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t820t770t610androids8000t760t618T610/T618/T760/T770/T820/S8000
CWE ID-CWE-20
Improper Input Validation
CVE-2022-38102
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.02% / 4.85%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_n3010atom_x6212receleron_j1750atom_x6211eceleron_n2840atom_x6214repentium_j6426celeron_n2808pentium_j2850celeron_j4025celeron_n2910pentium_j4205celeron_n2930h570pentium_n3510celeron_j6413c256celeron_n3350hm570celeron_n3050celeron_j1850celeron_n6210pentium_n3700w680celeron_n2920atom_x6413eceleron_n3000celeron_n2807pentium_n3520atom_x6425eceleron_n2815pentium_j3710pentium_j2900q570qm580celeron_j3060h510c252q670eceleron_n3160celeron_n6211converged_security_management_engine_firmwareceleron_n2940h670rm590eceleron_n5105pentium_n3530celeron_j3455pentium_n3540z690celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n4500atom_x6425receleron_n2820wm690pentium_n6415atom_x6427feceleron_n3450qm580eceleron_n5100h610celeron_n4020celeron_j4105pentium_n3710celeron_j3160celeron_j6412celeron_n3150b560celeron_n2810celeron_n4100celeron_j1800atom_x6200feceleron_n2805atom_x6416receleron_n2806celeron_j1900celeron_n3060z590r680eq670celeron_n4505h610ewm590celeron_j4005b660hm670celeron_j3355pentium_n4200celeron_n4120celeron_n3350ew580celeron_j3355eatom_x6414receleron_j4125hm570eIntel(R) Converged Security and Management Engine
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24505
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x710-da2_for_ocp_3.0ethernet_network_adapter_x710-t4ethernet_network_adapter_xl710-qda1ethernet_network_adapter_xxv710-da2tethernet_network_adapter_xl710-qda2_for_open_compute_projectethernet_network_adapter_xl710-bm1ethernet_network_adapter_x710-am2ethernet_network_adapter_x710-t2lethernet_network_adapter_xxv710-da1_for_ocpethernet_network_adapter_x722-da2ethernet_network_adapter_xxv710-am2ethernet_network_adapter_v710-at2ethernet_network_adapter_x710-tm4ethernet_network_adapter_xxv710-dax_for_ocpethernet_network_adapter_x722-da4ethernet_network_adapter_x710-da4_for_ocp_3.0ethernet_network_adapter_x710-da2ethernet_network_adapter_x710-da2_for_ocpethernet_network_adapter_x710-da4ethernet_network_adapter_x710-bm2ethernet_network_adapter_xl710-am1ethernet_network_adapter_xxv710-da1ethernet_network_adapter_x710-t2l_for_ocp_3.0ethernet_network_adapter_xl710-am2ethernet_network_adapter_xl710-qda1_for_open_compute_projectethernet_network_adapter_xxv710-da2ethernet_network_adapter_x710-t4lethernet_network_adapter_700_firmwareethernet_network_adapter_x710-at2ethernet_network_adapter_xlk710-qda2ethernet_network_adapter_xxv710-am1ethernet_network_adapter_xl710-bm2ethernet_network_adapter_x710-t4l_for_ocp_3.0Intel(R) 700-series of Ethernet Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2024-31153
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.08% / 23.35%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 21:18
Updated-03 Dec, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QuickAssist Technology software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24925
Matching Score-10
Assigner-Samsung Mobile
ShareView Details
Matching Score-10
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.44%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0199
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:17
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_controller_e810-cam1_firmwareethernet_network_controller_e810-cam1ethernet_network_controller_e810-cam2_firmwareethernet_network_controller_e810-xxvam2ethernet_network_controller_e810-cam2ethernet_network_controller_e810-xxvam2_firmwareIntel(R) Ethernet Network Controller E810
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0176
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0350
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-10
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.43%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 17:10
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05342338.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0083
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:47
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Optane(TM) PMem versions before versions 1.2.0.5446 or 2.2.0.1547 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6246rxeon_platinum_8276lxeon_platinum_8358xeon_w-2223xeon_platinum_9222xeon_gold_5315yxeon_w-11865mrexeon_w-3245mxeon_gold_5217xeon_gold_6230txeon_platinum_8362xeon_gold_6230nxeon_w-3225xeon_platinum_8354hxeon_w-3265xeon_gold_5218nxeon_w-3245xeon_gold_6338xeon_w-1370xeon_w-2125xeon_silver_4309yxeon_platinum_8352yxeon_platinum_8368xeon_gold_5220xeon_gold_6246xeon_w-2295xeon_silver_4214rxeon_gold_6326xeon_gold_6254xeon_silver_4310txeon_gold_6240yxeon_gold_6234optane_persistent_memory_firmwarexeon_platinum_8380xeon_gold_6238rxeon_silver_4316xeon_platinum_8351nxeon_w-1250xeon_w-1250texeon_w-2255xeon_gold_6208uxeon_w-11555mlexeon_platinum_8268xeon_gold_5215xeon_platinum_8352vxeon_gold_6336yxeon_w-1290exeon_gold_6262vxeon_gold_5222xeon_w-3275xeon_w-1390txeon_gold_5218xeon_w-1270xeon_silver_4209txeon_w-1270exeon_platinum_8380hxeon_gold_5215lxeon_platinum_8360hlxeon_silver_4215rxeon_gold_6252nxeon_platinum_9221xeon_w-2245xeon_platinum_8376hxeon_gold_6244xeon_gold_6330xeon_silver_4210txeon_gold_6248xeon_gold_6212uxeon_w-1270texeon_w-1370pxeon_gold_6314uxeon_platinum_8280xeon_gold_6248rxeon_w-11155mrexeon_w-3335xeon_gold_6354xeon_gold_6258rxeon_w-1290txeon_gold_6240xeon_gold_6238lxeon_platinum_8352mxeon_gold_6240lxeon_gold_6250xeon_platinum_8353hxeon_w-11865mlexeon_platinum_8256xeon_gold_6348hxeon_w-2155xeon_w-11855mxeon_gold_6330hxeon_w-1290pxeon_w-3265mxeon_w-2135xeon_gold_6222vxeon_gold_5318hxeon_w-11155mlexeon_platinum_8376hlxeon_gold_6242xeon_w-2265xeon_gold_5320hxeon_w-2145xeon_gold_5320xeon_platinum_8360yxeon_platinum_8274xeon_w-10855mxeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6338txeon_gold_6346xeon_gold_5218txeon_silver_4215xeon_w-2235xeon_w-11555mrexeon_gold_5220rxeon_w-11955mxeon_gold_5318sxeon_gold_6338nxeon_silver_4214xeon_platinum_8276xeon_platinum_8360hxeon_w-1390pxeon_gold_6238txeon_w-1270pxeon_silver_4210rxeon_gold_6250lxeon_silver_4214yxeon_gold_6210uxeon_gold_6348xeon_gold_6330nxeon_gold_5218bxeon_w-1350xeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_w-1250exeon_w-1290xeon_w-3345xeon_w-3375xeon_platinum_8368qxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_w-10885mxeon_w-2195xeon_silver_4310xeon_w-1390xeon_w-3365xeon_gold_5317xeon_gold_6334xeon_w-2275xeon_w-1290texeon_platinum_8356hxeon_gold_6209uxeon_w-3223xeon_gold_6226xeon_gold_6256xeon_w-1350pxeon_gold_6342xeon_w-3323xeon_gold_6230rxeon_w-3175xxeon_gold_6238xeon_gold_6252xeon_w-1250pxeon_w-3235xeon_gold_5320txeon_silver_4208xeon_platinum_8260xeon_platinum_8352sxeon_gold_5318yxeon_gold_5218rxeon_bronze_3206rxeon_gold_6226rxeon_w-2225xeon_gold_6312uxeon_gold_6328hxeon_w-2123xeon_gold_5220sxeon_w-2133xeon_w-3275mxeon_platinum_9242xeon_platinum_9282xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204xeon_gold_6328hlxeon_silver_4314xeon_w-2175xeon_gold_5220txeon_silver_4210Intel(R) Optane(TM) PMem versions
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0051
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:02
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-c629c624ac621c627atom_p5931bserver_platform_servicesatom_p5962bc626c624atom_p5942bc627ac629ac622c625atom_p5921bc628Intel(R) SPS versions
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24496
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x722-da2_firmwareethernet_network_adapter_x722-da4_firmwareethernet_network_adapter_x722-da2ethernet_network_adapter_x722-da4Intel(R) 722 Ethernet Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2024-22390
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 20.71%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may allow denial of service.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) FPGA productsagilex_7_fpga_f-series_023_firmwareagilex_7_fpga_f-series_006_firmwareagilex_7_fpga_f-series_008_firmwareagilex_7_fpga_f-series_019_firmwareagilex_7_fpga_i-series_023_firmwareagilex_7_fpga_i-series_022_firmwareagilex_7_fpga_i-series_019_firmwareagilex_7_fpga_i-series_035_firmwareagilex_7_fpga_i-series_040_firmwareagilex_7_fpga_f-series_022_firmwareagilex_7_fpga_i-series_041_firmwareagilex_7_fpga_f-series_012_firmwareagilex_7_fpga_f-series_027_firmwareagilex_7_fpga_i-series_027_firmwareagilex_7_fpga_f-series_014_firmwareagilex_7_fpga_m-series_039_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2025-59198
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-5||MEDIUM
EPSS-0.07% / 22.54%
||
7 Day CHG+0.01%
Published-14 Oct, 2025 | 17:01
Updated-22 Feb, 2026 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Search Service Denial of Service Vulnerability

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_21h2windows_11_24h2windows_server_2022windows_server_2022_23h2windows_server_2025windows_10_1507windows_11_22h2windows_server_2008windows_11_23h2windows_10_1607windows_10_22h2windows_10_1809windows_server_2019windows_11_25h2windows_server_2016Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows 11 Version 25H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38719
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 3.68%
||
7 Day CHG~0.00%
Published-16 Oct, 2023 | 23:05
Updated-13 Feb, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607.

Action-Not Available
Vendor-opengroupLinux Kernel Organization, IncMicrosoft CorporationIBM Corporation
Product-windowsunixdb2linux_kernelDb2 for Linux, UNIX and Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38468
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.98%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 01:16
Updated-30 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-38467
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.78%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 01:16
Updated-01 Oct, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-36490
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.03% / 9.81%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in some Intel(R) MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-memory_and_storage_toolIntel(R) MAS software
CWE ID-CWE-665
Improper Initialization
CVE-2023-33903
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.46%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 08:32
Updated-04 Dec, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FM service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8001sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8001
CVE-2023-33897
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 08:32
Updated-06 Jan, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8006sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8006
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33896
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.50%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 08:32
Updated-08 Nov, 2024 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androids8005t610t612t606t770sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8005
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33905
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.50%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 08:32
Updated-27 Nov, 2024 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-33128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 33.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.0.6 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_e810ethernet_controller_e810_firmwareIntel(R) E810 Ethernet Controllers
CVE-2023-26585
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-10 Oct, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-thunderbolt_dch_driverIntel(R) Thunderbolt(TM) DCH drivers for Windows
CWE ID-CWE-284
Improper Access Control
CVE-2019-14556
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-05 Oct, 2020 | 13:49
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i7_9700kfcore_i7_9700core_i5_9600celeron_5205ucore_i5_9400tcore_i5_9400fcore_i3_8350kcore_i5_8400tcore_i3_9100fcore_i3_8300core_i3_9300tcore_i5_9600tcore_i9_9900kcore_i3_9100tcore_i7_9700fceleron_5305ucore_i3_9300core_i5_8600tcore_i5_9600kcore_i7_8086kcore_i5_8500core_i7_1060g7core_i7_8700kcore_i5_8500tcore_i9_9900kfcore_i9_9900tcore_i5_8600core_i5_9500fcore_i3_9320core_i7_8700tcore_i5_8400core_i5_9400celeron_4305uecore_i3_8100tcore_i7_1068ng7core_i9_9900celeron_4305ucore_i7_1060ng7core_i3_8300tcore_i9_9900kscore_i7_9700kcore_i3_9350kfcore_i5_9500celeron_4205ucore_i5_8600kcore_i5_9500tcore_i5_9600kfcore_i7_8700core_i3_9100core_i7_9700tcore_i3_8100core_i7_1065g7bioscore_i3_9350kcore_i3_8100fIntel BIOS
CWE ID-CWE-665
Improper Initialization
CVE-2023-25179
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 17.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Intel(R) Unite(R) android application before Release 17 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) android application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-24587
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.04% / 12.85%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-11 Oct, 2024 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4800x_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_905poptane_ssd_900poptane_ssd_dc_p4801xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4800xoptane_ssd_905p_firmwareoptane_ssd_900p_firmwareIntel(R) Optane(TM) SSD products
CWE ID-CWE-691
Insufficient Control Flow Management
CVE-2019-11109
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 27.13%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aF5, Inc.Intel Corporation
Product-big-ip_i7800big-ip_10250vbig-ip_i7600big-ip_i10600_firmwarebig-ip_i15800_firmwarebig-ip_i7800_firmwarebig-ip_b4340n_firmwarebig-ip_12250vbig-ip_10150v-n_firmwarebig-ip_application_acceleration_managerbig-ip_fraud_protection_servicebig-ip_10350v-n_firmwarebig-ip_policy_enforcement_managerserver_platform_services_firmwarebig-ip_local_traffic_managerbig-ip_i5800big-ip_application_security_managerbig-ip_i11800big-ip_b4300viprion_2200_firmwarebig-ip_b2250_firmwarebig-ip_i5600_firmwarebig-ip_b4300_firmwarebig-ip_10050s_firmwarebig-ip_access_policy_managerbig-ip_i11600big-ip_i15800big-ip_10350v-nbig-ip_i5800_firmwarebig-ip_10000s_firmwarebig-ip_i5600big-ip_b4340nbig-ip_i15600_firmwarebig-ip_global_traffic_managerbig-ip_b4450nbig-ip_12250v_firmwarebig-ip_analyticsbig-ip_10250v_firmwarebig-ip_10050sbig-ip_i10800big-ip_domain_name_systembig-ip_b4450n_firmwarebig-ip_i10800_firmwarebig-ip_10200v-s_firmwareviprion_2200big-ip_i15600big-ip_link_controllerbig-ip_i10600big-ip_b2250big-ip_i11800_firmwarebig-ip_i7600_firmwarebig-ip_10150v-nbig-ip_10000sbig-ip_i11600_firmwarebig-ip_10200v-sbig-ip_advanced_firewall_managerIntel(R) SPS
CVE-2023-21722
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5||MEDIUM
EPSS-0.54% / 67.90%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
.NET Framework Denial of Service Vulnerability

.NET Framework Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10_1803windows_server_2012windows_server_2008windows_11_22h2windows_10_1507windows_11_21h2.net_frameworkwindows_10_21h1windows_10_21h2windows_10_1511windows_10_1809windows_10_1709windows_10_2004windows_10_1903windows_10_1909windows_10_22h2windows_10_20h2windows_server_2022windows_10_1703windows_server_2019windows_10_1607Microsoft .NET Framework 3.5 AND 4.8Microsoft .NET Framework 4.8Microsoft .NET Framework 3.5 AND 4.8.1Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.6.2Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 and 4.6.2Microsoft .NET Framework 3.5 AND 4.7.2
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-21176
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.12%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-05 Dec, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-1985
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.70%
||
7 Day CHG~0.00%
Published-24 Aug, 2020 | 15:30
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-Force ID: 154207.

Action-Not Available
Vendor-IBM CorporationApple Inc.
Product-macossecurity_rapportSecurity Trusteer RapportSecurity Rapport for MacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-20759
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.57%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6781mt6853mt6883mt6853tandroidmt6739mt8789mt8797mt6889mt6768mt6785mt8786MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8786, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21090
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5||MEDIUM
EPSS-0.01% / 3.31%
||
7 Day CHG-0.03%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In parseUsesPermission of ParsingPackageUtils.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942609

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20793
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6853tmt6893mt6891mt8188androidmt6885mt6875mt6889mt6877mt8183mt8195mt6853mt6883MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8183, MT8188, MT8195
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20823
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.88%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 02:27
Updated-10 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8765mt6833mt6885mt8788mt6877mt6781mt6853mt6883mt6853tmt8768mt8789mt8781androidmt8797mt6889mt6768mt6785mt8786mt8766MT6768, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20747
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.75%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6873mt6893mt5838mt5696mt5836mt9649mt6891mt6883mt9000mt9653mt9015mt9618mt6853tmt9023mt6835mt8789mt6769mt6875mt8797mt6889mt9687mt6768mt9952mt8781mt8786mt6833mt6885yoctomt9902mt6877mt6781mt8365mt8195mt6853mt9932iot-yoctomt6789androidmt9972mt9679mt9689mt8185mt8791mt6779mt6785mt9982mt9025MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8185, MT8195, MT8365, MT8781, MT8786, MT8789, MT8791, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2023-20758
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.57%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636130.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6781mt6853mt6883mt6853tandroidmt6739mt8789mt8797mt6889mt6768mt6785mt8786MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8786, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20781
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6757cdmt6879mt6873mt6893mt8675mt8765mt6580mt6886mt8788mt8791tmt6983mt8666mt6765mt6757cmt6891mt6737mt6883mt6853tmt6835mt6739mt6757mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8781mt8766mt8786mt6985mt6771mt8385mt6833mt6885mt8673mt6735mt6753mt6762mt6877mt6781mt6853mt6895mt6789androidmt6757chmt8185mt8791mt6779mt6785mt6731mt6763MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20796
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt6985mt6873mt6893mt8786mt2735mt6890mt6879mt6833mt6886mt6983yoctomt6877mt6853mt6980mt6895mt8168mt6789openwrtmt6835mt6880mt8768androidmt8321mt2737mt8781rdk-bMT2735, MT2737, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6886, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8168, MT8321, MT8768, MT8781, MT8786
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-9843
Matching Score-8
Assigner-Ivanti
ShareView Details
Matching Score-8
Assigner-Ivanti
CVSS Score-5||MEDIUM
EPSS-0.15% / 35.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 16:13
Updated-17 Jan, 2025 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.

Action-Not Available
Vendor-Ivanti SoftwareApple Inc.
Product-macossecure_access_clientSecure Access Clientsecure_access_client
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-8690
Matching Score-8
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-8
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.6||MEDIUM
EPSS-0.07% / 21.55%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:42
Updated-15 Oct, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XDR Agent: Local Windows Administrator Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Action-Not Available
Vendor-Palo Alto Networks, Inc.Microsoft Corporation
Product-cortex_xdr_agentwindowsCortex XDR Agent
CWE ID-CWE-440
Expected Behavior Violation
CVE-2021-26430
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6||MEDIUM
EPSS-0.18% / 39.78%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 18:11
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Sphere Denial of Service Vulnerability

Azure Sphere Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_sphereAzure Sphere
CVE-2020-24494
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:41
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x722-da2_firmwareethernet_network_adapter_x722-da4_firmwareethernet_network_adapter_x722-da2ethernet_network_adapter_x722-da4Intel(R) 722 Ethernet Controllers
CVE-2020-24497
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda1_for_ocpethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda2_for_ocpethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810_firmwareethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) E810 Ethernet Controllers
CVE-2021-25474
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:08
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-25473
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:08
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-25491
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-2.3||LOW
EPSS-0.02% / 4.36%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:10
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20449
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 3.41%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239701237

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 60
  • 61
  • Next
Details not found