Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-51384

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Dec, 2023 | 00:00
Updated At-28 May, 2026 | 18:51
Rejected At-
Credits

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
ā–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Dec, 2023 | 00:00
Updated At:28 May, 2026 | 18:51
Rejected At:
ā–¼CVE Numbering Authority (CNA)

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.openssh.com/txt/release-9.6
N/A
https://www.openwall.com/lists/oss-security/2023/12/18/2
N/A
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
N/A
https://www.debian.org/security/2023/dsa-5586
vendor-advisory
https://security.netapp.com/advisory/ntap-20240105-0005/
N/A
https://support.apple.com/kb/HT214084
N/A
http://seclists.org/fulldisclosure/2024/Mar/21
mailing-list
Hyperlink: https://www.openssh.com/txt/release-9.6
Resource: N/A
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Resource: N/A
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Resource: N/A
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Resource:
vendor-advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Resource: N/A
Hyperlink: https://support.apple.com/kb/HT214084
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Resource:
mailing-list
ā–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.openssh.com/txt/release-9.6
x_transferred
https://www.openwall.com/lists/oss-security/2023/12/18/2
x_transferred
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
x_transferred
https://www.debian.org/security/2023/dsa-5586
vendor-advisory
x_transferred
https://security.netapp.com/advisory/ntap-20240105-0005/
x_transferred
https://support.apple.com/kb/HT214084
x_transferred
http://seclists.org/fulldisclosure/2024/Mar/21
mailing-list
x_transferred
Hyperlink: https://www.openssh.com/txt/release-9.6
Resource:
x_transferred
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Resource:
x_transferred
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Resource:
x_transferred
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Resource:
vendor-advisory
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Resource:
x_transferred
Hyperlink: https://support.apple.com/kb/HT214084
Resource:
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Resource:
mailing-list
x_transferred
2.
Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://cert-portal.siemens.com/productcert/html/ssa-794697.html
N/A
https://cert-portal.siemens.com/productcert/html/ssa-769027.html
N/A
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-794697.html
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Resource: N/A
3. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-284CWE-284 Improper Access Control
Type: CWE
CWE ID: CWE-284
Description: CWE-284 Improper Access Control
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
ā–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Dec, 2023 | 19:15
Updated At:28 May, 2026 | 20:16

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches

OpenBSD
openbsd
>>openssh>>Versions from 8.9(inclusive) to 9.6(exclusive)
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>12.0
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-284Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://seclists.org/fulldisclosure/2024/Mar/21cve@mitre.org
Mailing List
Third Party Advisory
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754bcve@mitre.org
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240105-0005/cve@mitre.org
Third Party Advisory
https://support.apple.com/kb/HT214084cve@mitre.org
Third Party Advisory
https://www.debian.org/security/2023/dsa-5586cve@mitre.org
Third Party Advisory
https://www.openssh.com/txt/release-9.6cve@mitre.org
Release Notes
https://www.openwall.com/lists/oss-security/2023/12/18/2cve@mitre.org
Mailing List
Release Notes
http://seclists.org/fulldisclosure/2024/Mar/21af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754baf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240105-0005/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.apple.com/kb/HT214084af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.debian.org/security/2023/dsa-5586af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.openssh.com/txt/release-9.6af854a3a-2127-422b-91ae-364da2661108
Release Notes
https://www.openwall.com/lists/oss-security/2023/12/18/2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Release Notes
https://cert-portal.siemens.com/productcert/html/ssa-082556.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
https://cert-portal.siemens.com/productcert/html/ssa-769027.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
https://cert-portal.siemens.com/productcert/html/ssa-794697.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://support.apple.com/kb/HT214084
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.openssh.com/txt/release-9.6
Source: cve@mitre.org
Resource:
Release Notes
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Source: cve@mitre.org
Resource:
Mailing List
Release Notes
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://support.apple.com/kb/HT214084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.openssh.com/txt/release-9.6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Release Notes
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-794697.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

266Records found

CVE-2025-25267
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.15% / 4.67%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-23 Sep, 2025 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.

Action-Not Available
Vendor-Siemens AG
Product-tecnomatix_plant_simulationTecnomatix Plant Simulation V2404Tecnomatix Plant Simulation V2302
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2014-0083
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.27% / 19.33%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 13:57
Updated-06 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.

Action-Not Available
Vendor-net-ldap_projectruby-net-ldapDebian GNU/Linux
Product-net-ldapdebian_linuxruby-net-ldap
CWE ID-CWE-916
Use of Password Hash With Insufficient Computational Effort
CVE-2022-40768
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 19.82%
||
7 Day CHG+0.01%
Published-18 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2012-5644
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 32.66%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 14:28
Updated-23 Jan, 2026 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libuser has information disclosure when moving user's home directory

Action-Not Available
Vendor-libuser_projectlibuserFedora ProjectRed Hat, Inc.Debian GNU/Linux
Product-libuserenterprise_linuxdebian_linuxfedoralibuser
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-5474
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.71%
||
7 Day CHG~0.00%
Published-30 Dec, 2019 | 19:36
Updated-06 Aug, 2024 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.

Action-Not Available
Vendor-python-django-horizonDebian GNU/LinuxOpenStackFedora ProjectRed Hat, Inc.
Product-horizondebian_linuxopenstackfedorapython-django-horizon
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2020-11740
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 34.86%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 12:18
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxopenSUSEXen Project
Product-xendebian_linuxfedoraleapn/a
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2012-1105
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 36.93%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 18:26
Updated-06 Aug, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.

Action-Not Available
Vendor-apereoJasig ProjectDebian GNU/LinuxFedora Project
Product-phpcasdebian_linuxfedoraphp-pear-CAS
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-1096
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.71% / 49.03%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 16:36
Updated-06 Aug, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.

Action-Not Available
Vendor-The GNOME ProjectDebian GNU/Linux
Product-networkmanagerdebian_linuxNetworkManager
CWE ID-CWE-295
Improper Certificate Validation
CVE-2012-0844
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 34.00%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 17:42
Updated-06 Aug, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.

Action-Not Available
Vendor-netsurf-browsernetsurfDebian GNU/Linux
Product-netsurfdebian_linuxnetsurf
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-10048
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.55%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winccsimatic_pcs_7SIMATIC PCS 7SIMATIC WinCC
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2012-0843
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 34.47%
||
7 Day CHG~0.00%
Published-19 Nov, 2019 | 15:56
Updated-06 Aug, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

uzbl: Information disclosure via world-readable cookies storage file

Action-Not Available
Vendor-uzbluzblDebian GNU/Linux
Product-uzbldebian_linuxuzbl
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-4327
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 33.45%
||
7 Day CHG~0.00%
Published-03 Feb, 2014 | 02:00
Updated-29 May, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-2905
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.75%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-26373
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.35% / 26.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-core_i3-10100xeon_gold_6300_firmwarecore_i9-7900xxeon_d-1548xeon_d-2733nt_firmwarecore_i7-10510yceleron_g5900t_firmwarecore_i7-7820x_firmwarexeon_platinum_8260yxeon_d-1633ncore_i9-9800x_firmwarexeon_d-1653nxeon_d-2173it_firmwarexeon_d-2145nt_firmwarexeon_w-1270p_firmwarecore_i7-10710u_firmwarecore_i9-11900_firmwarecore_i9-10900_firmwarexeon_gold_5300core_i9-9960xcore_i5-1155g7_firmwarexeon_gold_5218txeon_e-2374gxeon_platinum_8353hxeon_d-1749nt_firmwarecore_i5-1235ucore_i7-9700k_firmwarecore_i5-11260hxeon_d-1557_firmwarexeon_platinum_8280_firmwarexeon_e-2374g_firmwarexeon_gold_5218nxeon_d-2163it_firmwarexeon_silver_4209t_firmwarepentium_gold_g6405u_firmwarexeon_w-2295_firmwarexeon_d-1531core_i7-10875h_firmwarepentium_gold_g6605xeon_silver_4214cxeon_d-1533n_firmwarecore_i9-9900kf_firmwarexeon_silver_4214yxeon_e-2278gexeon_w-10855mxeon_d-2177ntpentium_gold_g6505celeron_g5925xeon_w-3275_firmwarecore_i9-11900kfxeon_d-2786nte_firmwarexeon_platinum_8270_firmwarexeon_gold_6230tcore_i5-10600t_firmwarexeon_silver_4210rxeon_w-1270core_i3-l13g4pentium_gold_g6400core_i5-10300h_firmwarexeon_d-2775te_firmwarexeon_w-3235xeon_d-1573n_firmwarexeon_d-1571_firmwarecore_i9-10900tcore_i7-11700k_firmwarecore_i5-8200ycore_i5-10500t_firmwarecore_i9-10900kcore_i5-10600_firmwarexeon_gold_5220rcore_i7-10700tecore_i7-12700kfxeon_gold_6226r_firmwarexeon_w-11955mcore_i9-12900_firmwarecore_i5-12600h_firmwarecore_i5-10400txeon_w-1290ecore_i5-11400fdebian_linuxceleron_g5925_firmwarecore_i7-1185g7core_i7-9700kfxeon_d-2796texeon_d-1541_firmwareceleron_6600hecore_i9-10900xxeon_d-2798nxxeon_gold_6328hl_firmwarexeon_gold_6256_firmwarexeon_platinum_9221core_i5-12400fcore_i7-1260uxeon_w-1290te_firmwarexeon_d-2142itcore_i9-11980hk_firmwarexeon_platinum_9222_firmwarecore_i5-10110y_firmwarecore_i9-10900te_firmwareceleron_7305_firmwarecore_i9-11900kcore_i9-12900hkcore_i5-12450hcore_i5-10600kfxeon_d-1726xeon_w-10855_firmwareceleron_g6900pentium_gold_g6600_firmwarecore_i7-10700_firmwarexeon_d-1735tr_firmwarecore_i5-1035g1_firmwarecore_i3-1005g1xeon_d-2777nxpentium_gold_8500_firmwarexeon_d-2752nte_firmwarecore_i7-1185gre_firmwarexeon_d-2796nt_firmwarecore_i9-10850hxeon_d-1637core_i5-8210y_firmwarecore_i5-9400fcore_i5-11320h_firmwarecore_i7-10700kf_firmwarexeon_d-1539_firmwarecore_i9-12900core_i7-12650h_firmwarexeon_gold_6238core_i7-1270p_firmwarecore_i5-12500core_i5-11600kfxeon_d-1602core_i5-8365uceleron_g5900_firmwarexeon_platinum_8376hxeon_w-2245xeon_d-2799core_i7-12700xeon_d-1563n_firmwarexeon_d-2145ntxeon_platinum_8256xeon_w-2275_firmwarecore_i5-9600kfcore_i7-12700t_firmwarexeon_e-2288g_firmwarexeon_d-2163itcore_i3-11100he_firmwarepentium_gold_g7400xeon_gold_6254_firmwarecore_i3-1120g4xeon_gold_5220_firmwarecore_i5-12500h_firmwarecore_i5-11400hcore_i9-11900hxeon_w-2235_firmwarexeon_gold_6328hlxeon_d-1623ncore_i7-1185g7exeon_gold_6230n_firmwarecore_i3-12100tcore_i7-10810ucore_i3-10300txeon_silver_4208_firmwarexeon_d-1521core_i5-1130g7xeon_d-1713nt_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-9600kcore_i5-8265ucore_i9-9900kfxeon_gold_5218r_firmwarecore_i7-12700kf_firmwarecore_i7-10700txeon_silver_4300core_i3-12100f_firmwarecore_i5-1240p_firmwarecore_i7-9700kf_firmwarecore_i5-1145g7core_i5-9300hxeon_silver_4214y_firmwarecore_i7-10750hcore_i9-10850kpentium_gold_g6405xeon_d-2143itxeon_silver_4209tcore_i7-7640xxeon_d-2753ntpentium_gold_8505_firmwarecore_i7-1160g7_firmwarexeon_w-1390_firmwarexeon_gold_6212uxeon_d-1632_firmwarepentium_gold_g6400tcore_i7-11850h_firmwarexeon_gold_5300_firmwarecore_i9-11900fxeon_d-1612_firmwarexeon_gold_6238m_firmwarexeon_silver_4215xeon_d-2177nt_firmwarexeon_gold_6230ncore_i5-8365u_firmwarecore_i9-10920xcore_i9-11950hxeon_d-1563nxeon_platinum_8280l_firmwarexeon_d-1712tr_firmwarecore_i7-1195g7core_i9-10885hxeon_d-1739_firmwarexeon_e-2386gcore_i7-1165g7core_i5-11400_firmwarexeon_gold_6242_firmwareceleron_6305core_i7-11850hecore_i7-1260p_firmwarecore_i3-1215u_firmwarepentium_gold_g6605_firmwarexeon_d-1733nt_firmwarecore_i7-10750h_firmwarecore_i5-11400xeon_w-1290tecore_i9-9820x_firmwarecore_i5-1145g7ecore_i3-1115gre_firmwarexeon_w-3265_firmwarexeon_d-2142it_firmwarexeon_d-2779_firmwarecore_i5-1030g7xeon_d-1602_firmwarecore_i5-1230u_firmwarexeon_platinum_8376hl_firmwarexeon_platinum_8360hxeon_d-2733ntcore_i9-10980hkxeon_gold_6230t_firmwarecore_i3-1000g1_firmwarexeon_gold_5218_firmwarexeon_d-1559_firmwarecore_i9-10900t_firmwarecore_i7-10700k_firmwarexeon_silver_4210txeon_w-3275m_firmwarepentium_gold_g6505_firmwarecore_i5-11400f_firmwarecore_i3-10305_firmwarexeon_d-2777nx_firmwarecore_i3-10325_firmwarecore_i7-10510y_firmwareceleron_g5905t_firmwarecore_i9-11900k_firmwarecore_i7-1185g7_firmwarecore_i7-11800h_firmwarexeon_d-2795ntcore_i7-1180g7_firmwareceleron_6600he_firmwarecore_i7-1060g7_firmwarecore_i7-1280pcore_i7-8500yxeon_d-2779xeon_w-3245m_firmwarexeon_platinum_8276_firmwarexeon_gold_6330h_firmwarecore_i9-11900t_firmwarecore_i9-7960xxeon_silver_4214c_firmwarecore_i3-1110g4_firmwarexeon_w-1370xeon_d-1715terxeon_d-1559xeon_platinum_9242_firmwarecore_i5-12600txeon_gold_6258r_firmwarepentium_gold_g6405t_firmwarexeon_platinum_8280m_firmwarexeon_d-1537core_i3-10320_firmwarecore_i7-1260u_firmwarexeon_gold_6230_firmwarexeon_gold_5218bxeon_platinum_8360hl_firmwarexeon_gold_6328hxeon_d-1734nt_firmwarecore_i7-1180g7core_i5-12400xeon_e-2288gxeon_w-1370pxeon_gold_6254xeon_gold_5218rcore_i3-10320xeon_d-2752ntecore_i3-12300t_firmwarecore_i7-1255u_firmwarecore_i3-10105fxeon_w-1390t_firmwarexeon_gold_5215m_firmwarexeon_w-2235xeon_platinum_8260mxeon_gold_5320h_firmwarexeon_d-1649ncore_i7-10875hxeon_w-3225core_i7-1195g7_firmwarexeon_d-1540xeon_d-1736nt_firmwarecore_i3-11100hecore_i5-10400hpentium_gold_7505xeon_d-2712t_firmwarecore_i7-12700kcore_i5-9600kf_firmwarexeon_d-1513nxeon_w-10885mcore_i5-10505_firmwarexeon_gold_6234_firmwarexeon_d-1527core_i5-12600_firmwarecore_i9-9940xpentium_gold_g6500_firmwarecore_i9-9900xxeon_d-2745nxcore_i9-7940xxeon_gold_5220r_firmwarecore_i5-10110ycore_i7-1255uxeon_platinum_8380hlxeon_platinum_9220_firmwarecore_i5-12600hxeon_platinum_8260l_firmwarecore_i7-8500y_firmwarecore_i9-11900kf_firmwarexeon_d-1748te_firmwarexeon_silver_4214core_i7-12700hxeon_w-3235_firmwarexeon_platinum_9222core_i3-10105tcore_i9-9900k_firmwarecore_i5-11300hcore_i7-10510u_firmwareceleron_g5905_firmwarexeon_gold_5220sxeon_platinum_8260core_i7-7800x_firmwarecore_i3-1000g4core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i9-12900kf_firmwarecore_i9-10900kfcore_i7-11390h_firmwarexeon_d-2146ntxeon_d-1713ntcore_i9-9980hk_firmwarecore_i3-10100tpentium_gold_g6600xeon_d-2752tercore_i9-9980hkcore_i5-12500hxeon_w-1390txeon_silver_4216core_i5-1035g4_firmwarecore_i5-1140g7xeon_d-2757nx_firmwarecore_i7-10610ucore_i7-12700k_firmwarecore_i3-1220p_firmwarecore_i7-9850h_firmwarexeon_platinum_8276lcore_i7-11700kfcore_i7-11700_firmwarecore_i7-7740xxeon_d-2795nt_firmwarexeon_d-1713nte_firmwarecore_i7-11375hcore_i9-10850h_firmwarepentium_gold_g7400_firmwarecore_i5-11500txeon_platinum_9221_firmwarecore_i9-9920x_firmwarecore_i9-12900h_firmwarecore_i5-11400h_firmwarecore_i5-9400xeon_d-1521_firmwarecore_i7-1185grexeon_w-1290t_firmwareceleron_g6900_firmwarexeon_gold_6209u_firmwarecore_i9-7920x_firmwarexeon_platinum_8356h_firmwarecore_i3-10325xeon_e-2356gxeon_d-1557xeon_platinum_8276l_firmwarecore_i5-1145gre_firmwarexeon_platinum_8380hcore_i3-10105f_firmwarexeon_gold_6262v_firmwarecore_i3-1210uxeon_w-3245mcore_i5-12600xeon_d-2752ter_firmwarexeon_d-1637_firmwarexeon_e-2334core_i7-9850hcore_i5-12600k_firmwarexeon_w-1350core_i3-10110u_firmwarecore_i5-1035g1xeon_platinum_8276m_firmwarecore_i7-11850hxeon_w-1290core_i9-11900f_firmwarexeon_gold_6226_firmwarexeon_silver_4210core_i3-10110ucore_i7-8665u_firmwarecore_i5-8310y_firmwarecore_i7-1250ucore_i9-10885h_firmwarexeon_e-2314_firmwarexeon_gold_6250l_firmwarexeon_w-2223_firmwarexeon_gold_6234xeon_d-1718t_firmwarecore_i5-11500_firmwarexeon_gold_6252n_firmwarexeon_gold_6240y_firmwarexeon_w-1350pxeon_d-2143it_firmwarexeon_w-1250core_i9-10900core_i7-1065g7_firmwarecore_i9-12900hcore_i5-1145g7_firmwarexeon_w-3245_firmwarecore_i7-11800hcore_i7-11370h_firmwarecore_i7-11375h_firmwarecore_i3-10300xeon_w-1290p_firmwarexeon_w-1250p_firmwarexeon_bronze_3204_firmwarecore_i9-9960x_firmwarexeon_d-1736ntceleron_g5920core_i7-8565ucore_i9-10940x_firmwarexeon_d-1747ntexeon_bronze_3206r_firmwarecore_i5-11500h_firmwarecore_i5-1240pxeon_silver_4215r_firmwarecore_i7-10870hcore_i7-10510ucore_i3-10100fxeon_w-1290pceleron_5305u_firmwareceleron_6305_firmwarecore_i5-8310ycore_i9-12900txeon_d-1523n_firmwarecore_i5-12500txeon_gold_5217xeon_d-2183it_firmwarecore_i3-10300_firmwarecore_i7-9750hf_firmwarexeon_w-3245core_i5-12600t_firmwarexeon_e-2324gcore_i5-12400_firmwarexeon_gold_6210upentium_gold_8500core_i5-1250pxeon_d-1548_firmwarecore_i5-8265u_firmwarexeon_platinum_8380h_firmwarecore_i5-10210uxeon_d-1528xeon_w-2295core_i5-11300h_firmwarecore_i5-10500core_i7-7740x_firmwarecore_i9-9800xpentium_gold_g6405tceleron_g5900tcore_i7-12800h_firmwarexeon_gold_5215core_i5-11600_firmwarecore_i5-10400t_firmwarecore_i7-12650hxeon_d-1622_firmwarexeon_d-1527_firmwarexeon_d-1531_firmwarecore_i9-7920xxeon_d-1633n_firmwarecore_i3-10100_firmwarecore_i9-7960x_firmwarexeon_d-1513n_firmwarexeon_platinum_8260y_firmwarexeon_d-2798nx_firmwarecore_i5-1030g4_firmwarecore_i9-10900tecore_i5-11600kxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-10600kf_firmwarexeon_d-1747nte_firmwarexeon_platinum_8260m_firmwarexeon_w-3275mcore_i7-7800xxeon_d-1726_firmwarexeon_w-1290_firmwarexeon_e-2386g_firmwarexeon_gold_6250lxeon_gold_6209ucore_i5-9400hcore_i9-10900e_firmwarexeon_d-2191_firmwarexeon_e-2278g_firmwarecore_i9-9920xceleron_g5205u_firmwarexeon_platinum_8253xeon_d-2146nt_firmwarexeon_gold_6252npentium_gold_g6505txeon_e-2278gel_firmwarexeon_d-1518_firmwarexeon_platinum_8376h_firmwarecore_i9-12900k_firmwarexeon_gold_6240mcore_i3-1120g4_firmwarexeon_d-1715ter_firmwarexeon_platinum_8280pentium_gold_g6500txeon_gold_6238l_firmwarexeon_d-2745nx_firmwarecore_i5-1230ucore_i3-10100t_firmwarecore_i7-10700f_firmwarexeon_w-2255_firmwarexeon_gold_5220t_firmwarexeon_gold_6252core_i3-10105core_i5-1140g7_firmwarecore_i3-12300_firmwarecore_i3-1215ucore_i5-11400tcore_i7-11700kxeon_gold_6246core_i9-10900kf_firmwarecore_i7-10810u_firmwarexeon_silver_4214rxeon_w-1350_firmwarecore_i9-10920x_firmwarecore_i9-10940xxeon_platinum_8300_firmwarecore_i9-9880h_firmwarexeon_silver_4210r_firmwarexeon_w-3265m_firmwarexeon_d-1577_firmwarepentium_gold_g6400t_firmwarexeon_e-2334_firmwarexeon_gold_6230rxeon_platinum_8360hlcore_i7-10700kfxeon_d-1748tecore_i9-12900t_firmwarexeon_platinum_8280mcore_i3-l13g4_firmwarecore_i5-12400t_firmwarexeon_d-2187ntxeon_d-2775teceleron_g5905xeon_d-1518core_i7-1065g7core_i5-11600kf_firmwarexeon_w-1370p_firmwarexeon_silver_4208xeon_gold_5318hxeon_gold_6210u_firmwarexeon_w-1270_firmwarepentium_gold_g7400tcore_i3-1000g1core_i5-1130g7_firmwarexeon_w-2225xeon_silver_4210t_firmwarepentium_gold_7505_firmwarexeon_gold_5218t_firmwarecore_i9-11900h_firmwarecore_i5-9400f_firmwarexeon_e-2356g_firmwarecore_i3-10305t_firmwarexeon_gold_5215lcore_i3-1220pcore_i5-12400txeon_w-10855m_firmwarecore_i7-12700tcore_i9-10850k_firmwarexeon_gold_5217_firmwarexeon_platinum_8253_firmwarexeon_d-1718tcore_i7-10700core_i5-1135g7_firmwarecore_i9-11950h_firmwarexeon_d-2753nt_firmwarecore_i7-1265u_firmwareceleron_7300xeon_w-1350p_firmwarecore_i7-10610u_firmwarecore_i3-1115g4_firmwarexeon_d-1533ncore_i5-1145grexeon_w-3265mxeon_gold_6240lxeon_d-1529_firmwarexeon_gold_6248core_i5-1135g7core_i5-11600k_firmwarecore_i9-9940x_firmwarexeon_gold_6258rxeon_d-1712trcore_i3-1115g4xeon_w-1270pxeon_e-2378_firmwarexeon_gold_6240l_firmwarexeon_d-1736_firmwarexeon_platinum_9282core_i5-10400xeon_d-2173itxeon_d-2161ixeon_d-2766ntxeon_w-1250pxeon_silver_4215_firmwarecore_i7-10870h_firmwarecore_i5-1155g7pentium_gold_8505xeon_d-2123itcore_i7-9700kcore_i5-1245u_firmwarecore_i7-11700kf_firmwarepentium_gold_g6405_firmwarecore_i9-12900hk_firmwarexeon_gold_6252_firmwarecore_i7-7640x_firmwarecore_i7-12700fcore_i3-1110g4core_i3-12100fcore_i7-1250u_firmwarexeon_bronze_3206rxeon_d-1722necore_i5-1235u_firmwarexeon_d-2776ntxeon_w-3275xeon_gold_6240xeon_d-2161i_firmwarecore_i5-8200y_firmwarecore_i7-10700te_firmwarecore_i7-10700exeon_gold_5220xeon_platinum_8256_firmwarecore_i7-1260pceleron_g5305uxeon_platinum_9220core_i3-10100texeon_gold_6348h_firmwareceleron_g5205uxeon_e-2388gcore_i5-10210u_firmwarecore_i7-11390hxeon_platinum_8268xeon_d-2786ntexeon_d-1537_firmwarexeon_d-2796te_firmwareceleron_g5905txeon_d-2191xeon_gold_6240rcore_i3-10100te_firmwarexeon_gold_6238_firmwarexeon_gold_6240m_firmwarexeon_gold_6330hxeon_d-1612xeon_silver_4215rcore_i9-12900fxeon_d-1540_firmwarexeon_e-2278gcore_i5-10600k_firmwarecore_i9-10900eceleron_g6900tcore_i9-11980hkxeon_d-1553n_firmwarecore_i5-l16g7_firmwarexeon_w-3265core_m3-8100y_firmwarecore_i5-10500tecore_i7-12700f_firmwarecore_i7-12700_firmwarecore_i5-10210y_firmwarecore_i5-11500core_i7-11700xeon_d-2798ntcore_i5-10500tcore_i5-10600xeon_w-2245_firmwarecore_i5-10500_firmwarecore_i7-1265ucore_i5-10310yxeon_gold_6208uxeon_d-1736xeon_d-2738core_i5-10310y_firmwarexeon_d-1567_firmwarecore_i3-12300pentium_gold_g6500t_firmwarecore_i5-11500t_firmwarexeon_e-2388g_firmwarexeon_gold_6230r_firmwarexeon_d-1749ntxeon_gold_6242pentium_gold_g6405ucore_i7-10700kcore_i3-12300txeon_e-2336xeon_d-1627xeon_gold_6246_firmwarexeon_platinum_8260_firmwarecore_i5-12450h_firmwarexeon_e-2286mcore_i9-9880hcore_i5-1240uxeon_gold_6250_firmwareceleron_7305core_i5-11600t_firmwarexeon_d-1623n_firmwarecore_i7-11370hxeon_gold_6244_firmwarexeon_d-1702xeon_d-1722ne_firmwarecore_i5-12500_firmwarexeon_d-1528_firmwarecore_i5-1035g4core_i5-l16g7core_i5-11500hcore_i9-12900kcore_i5-11600txeon_platinum_8276mxeon_d-1732te_firmwarecore_i5-10200hcore_i9-9900kxeon_platinum_8276xeon_d-1529xeon_gold_6240_firmwarexeon_gold_5220tcore_i3-1210u_firmwarecore_i7-1160g7core_i5-12600kfcore_i5-10400fxeon_gold_6244xeon_w-2265_firmwarexeon_w-3223_firmwarexeon_gold_6242rxeon_e-2324g_firmwarexeon_e-2278ge_firmwarecore_i5-1035g7_firmwarexeon_w-2275pentium_gold_g6400_firmwarexeon_w-10855xeon_w-2265xeon_gold_6226rcore_i5-9400_firmwarexeon_d-1564n_firmwarecore_i3-12100t_firmwarexeon_w-10885m_firmwarexeon_bronze_3204core_i9-12900kfcore_i9-9820xxeon_d-1714xeon_d-1567xeon_e-2286m_firmwarexeon_gold_5218b_firmwarexeon_platinum_8354hxeon_gold_6348hxeon_gold_6248_firmwarecore_i7-11850he_firmwarecore_i7-9750hfxeon_d-2141ixeon_d-1581_firmwarexeon_d-2141i_firmwarexeon_silver_4214r_firmwareceleron_6305e_firmwarecore_i5-1245uxeon_d-2776nt_firmwarecore_i5-1035g7core_i5-9300h_firmwarexeon_d-1734ntxeon_w-11855mxeon_gold_6240yceleron_g5900xeon_gold_6238lxeon_gold_5218n_firmwarexeon_w-1390xeon_gold_6328h_firmwarecore_i7-11700t_firmwarexeon_gold_5318h_firmwarecore_i3-1115grecore_i5-11600core_i7-11700fxeon_d-1587core_i7-8665ucore_i7-1270pcore_i3-10305txeon_d-2183itxeon_d-2123it_firmwarecore_i9-7940x_firmwarecore_i5-12500t_firmwarexeon_w-1370_firmwarexeon_d-1649n_firmwarexeon_d-1524nxeon_d-2712txeon_gold_5320hcore_i5-1240u_firmwarecore_i5-10600kcore_i9-12900f_firmwarecore_i9-7900x_firmwarexeon_gold_5222core_i7-10850hxeon_gold_6256xeon_d-1523ncore_i3-1005g1_firmwarecore_i3-12100_firmwarecore_i9-9900x_firmwarecore_i5-12600kf_firmwarecore_i5-10500te_firmwarexeon_w-1290e_firmwarexeon_d-1520core_i5-1145g7e_firmwarecore_i3-10300t_firmwarexeon_d-2187nt_firmwarexeon_d-1524n_firmwarexeon_w-1390p_firmwarexeon_platinum_8280lxeon_w-11955m_firmwarecore_i3-10100f_firmwarecore_i9-10900f_firmwarecore_m3-8100yxeon_platinum_8356hcore_i7-12700h_firmwarecore_i7-1280p_firmwarexeon_d-1543nxeon_d-1541xeon_d-1543n_firmwarexeon_d-2799_firmwarecore_i7-11700txeon_d-1564nxeon_gold_5222_firmwarexeon_d-1622xeon_d-1520_firmwarexeon_d-1732texeon_platinum_9242celeron_7300_firmwarecore_i7-10700e_firmwarecore_i5-1030g7_firmwarexeon_w-2223pentium_gold_g7400t_firmwarecore_i7-1185g7e_firmwarexeon_gold_6238tcore_i9-11900tcore_i5-11260h_firmwarecore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwarecore_i7-1060g7xeon_gold_6240r_firmwarecore_i7-8565u_firmwarexeon_w-11855m_firmwarexeon_gold_6212u_firmwarexeon_gold_6208u_firmwarexeon_gold_6300core_i5-11400t_firmwarexeon_d-1587_firmwarecore_i7-10700t_firmwarexeon_platinum_9282_firmwarexeon_d-2796ntxeon_platinum_8260lxeon_platinum_8270xeon_gold_6250xeon_d-1713ntexeon_d-1739celeron_6305exeon_w-1290txeon_e-2336_firmwarexeon_gold_6226core_i3-10105_firmwarecore_i5-11320hxeon_d-1577xeon_d-1735trxeon_silver_4214_firmwarexeon_platinum_8268_firmwarecore_i7-10850h_firmwarexeon_d-2766nt_firmwarexeon_d-2757nxxeon_e-2314xeon_d-2166ntcore_i3-10305xeon_w-1390pxeon_d-1539xeon_gold_5215mcore_i5-10505core_i5-1250p_firmwarexeon_silver_4300_firmwarecore_i3-12100xeon_platinum_8360h_firmwarexeon_w-2255core_i9-10900x_firmwarexeon_gold_6262vxeon_platinum_8354h_firmwarexeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_d-1746ter_firmwarexeon_d-1581xeon_platinum_8300core_i5-10210ycore_i3-1000g4_firmwarecore_i5-10300hcore_i7-10710ucore_i7-1165g7_firmwarexeon_silver_4210_firmwarexeon_d-1627_firmwarexeon_d-1702_firmwarexeon_platinum_8380hl_firmwarexeon_d-1733ntxeon_gold_5218pentium_gold_g6500xeon_gold_6238mcore_i5-12400f_firmwareceleron_g5920_firmwareceleron_5305uxeon_gold_6238rxeon_w-1250_firmwarecore_i7-11700f_firmwarexeon_d-1653n_firmwarecore_i3-1125g4_firmwarecore_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_w-3225_firmwarexeon_d-1553ncore_i5-1030g4xeon_gold_6222v_firmwarexeon_e-2378gcore_i5-10200h_firmwarexeon_d-2798nt_firmwarexeon_gold_6238r_firmwarexeon_d-1573ncore_i5-12600kcore_i9-10980hk_firmwarexeon_d-1632xeon_d-2166nt_firmwarecore_i5-10400_firmwarexeon_w-3223xeon_gold_6242r_firmwarecore_i7-12800hceleron_g6900t_firmwarepentium_gold_g6505t_firmwarexeon_platinum_8376hlceleron_g5305u_firmwarexeon_gold_6222vxeon_silver_4216_firmwarexeon_d-1746tercore_i7-10700fxeon_d-1571core_i3-1115g4e_firmwarecore_i5-9600k_firmwarecore_i9-10900k_firmwarexeon_gold_5215l_firmwarexeon_gold_6238t_firmwarexeon_d-2738_firmwarexeon_platinum_8353h_firmwarexeon_w-2225_firmwarexeon_gold_6230xeon_d-1714_firmwareIntel(R) Processors
CVE-2022-26966
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.75%
||
7 Day CHG~0.00%
Published-12 Mar, 2022 | 21:30
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500sactive_iq_unified_managerh300s_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh700e_firmwareh700sn/a
CVE-2022-25375
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.05% / 60.24%
||
7 Day CHG~0.00%
Published-20 Feb, 2022 | 19:47
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2024-43781
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.15% / 5.01%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK 840D sl V4 (All versions < V4.95 SP3 in connection with using Create MyConfig (CMC) <= V4.8 SP1 HF6), SINUMERIK ONE (All versions < V6.23 in connection with using Create MyConfig (CMC) <= V6.6), SINUMERIK ONE (All versions < V6.15 SP4 in connection with using Create MyConfig (CMC) <= V6.6). Affected systems, that have been provisioned with Create MyConfig (CMC), contain a Insertion of Sensitive Information into Log File vulnerability. This could allow a local authenticated user with low privileges to read sensitive information and thus circumvent access restrictions.

Action-Not Available
Vendor-Siemens AG
Product-SINUMERIK 828D V4SINUMERIK 840D sl V4SINUMERIK ONE
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-42344
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.8||MEDIUM
EPSS-0.15% / 5.00%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Client
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2017-17087
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 27.51%
||
7 Day CHG~0.00%
Published-01 Dec, 2017 | 08:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.

Action-Not Available
Vendor-n/aCanonical Ltd.VimDebian GNU/Linux
Product-debian_linuxubuntu_linuxvimn/a
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2024-35211
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.22% / 11.95%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 11:15
Updated-11 Feb, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as ā€œSecureā€, ā€œHttpOnlyā€, or ā€œSameSiteā€).

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzer
CWE ID-CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CVE-2024-35208
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.8||MEDIUM
EPSS-0.15% / 4.35%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 11:15
Updated-06 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzersinec_traffic_analyzer
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-11833
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.65% / 46.43%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 12:19
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_server_ausenterprise_linux_workstationfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_for_real_timen/a
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2008-1567
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 21.35%
||
7 Day CHG~0.00%
Published-31 Mar, 2008 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

Action-Not Available
Vendor-n/aphpMyAdminopenSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraphpmyadminopensusen/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-21704
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 21.89%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 00:00
Updated-23 Apr, 2025 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Default Permissions in log4js-node

log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive information. This would affect any users that have not supplied their own permissions for the files via the mode parameter in the config. Users are advised to update.

Action-Not Available
Vendor-log4js_projectlog4js-nodeDebian GNU/Linux
Product-log4jsdebian_linuxlog4js-node
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-21151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 26.29%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Debian GNU/LinuxIntel Corporation
Product-celeron_j3355_firmwareceleron_n2815core_i7-6870hqcore_i3-9100ecore_i7-7700t_firmwarecore_i3-10100core_i7-8850h_firmwarecore_i5-1038ng7core_i3-7300celeron_j4125core_i7-10510yceleron_n3010_firmwarecore_i7-10710u_firmwarecore_i5-7y57_firmwareceleron_n4120core_i9-10900_firmwarecore_i5-6350hqcore_i5-6300u_firmwarecore_i3-6300tceleron_j6412xeon_platinum_8353hcore_i7-9700k_firmwarecore_i5-8500t_firmwarecore_i3-9300t_firmwarecore_i5-9500t_firmwarecore_i7-8709g_firmwarecore_i7-10875h_firmwareceleron_j1900_firmwarecore_i5-7500core_i5-6500tcore_i5-6260uxeon_silver_4314_firmwarecore_i9-9900kf_firmwarecore_i5-7440hqcore_i7-6785r_firmwarecore_i7-8709gcore_i5-10600t_firmwarecore_i5-10300h_firmwarecore_i9-10900tcore_i5-8200ycore_i7-10700tecore_i9-10900kcore_i5-10500t_firmwarecore_i5-10600_firmwarepentium_silver_j5040_firmwarecore_i5-9400t_firmwarecore_i7-8809g_firmwarecore_i5-8260ucore_i5-10400tdebian_linuxcore_i7-6820eq_firmwarecore_i7-9700kfcore_i5-7287u_firmwarexeon_gold_6328hl_firmwareceleron_n3350ecore_i5-7600k_firmwarecore_i5-8305g_firmwareceleron_j4005_firmwarecore_m7-6y75core_i3-8100b_firmwarecore_i9-10900te_firmwarecore_i5-10500hcore_i3-8300t_firmwarecore_i3-7167u_firmwarecore_i5-10600kfxeon_platinum_8380_firmwarecore_i7-10700_firmwareceleron_n2840_firmwarexeon_silver_4314core_i5-1035g1_firmwareceleron_j3060core_i3-1005g1core_i7-1068ng7core_m3-6y30_firmwarecore_i7-7820eq_firmwarecore_i5-8210y_firmwarecore_i5-9400fcore_i3-10100ecore_i7-6650u_firmwarexeon_silver_4316_firmwarecore_i7-10700kf_firmwarecore_i5-9500f_firmwarecore_i7-7560ucore_i7-9700tceleron_j6413xeon_platinum_8368_firmwarecore_i7-8550u_firmwarecore_i5-7600tcore_i5-8365uxeon_platinum_8376hxeon_gold_6312u_firmwarecore_i5-9600kfceleron_j4105_firmwarecore_i5-6267u_firmwarecore_i5-8600_firmwareceleron_n2806_firmwarecore_i5-8269ucore_i3-8100_firmwarexeon_gold_6334_firmwarexeon_gold_6338ncore_i5-7600t_firmwareceleron_j3160_firmwarexeon_gold_6328hlcore_i7-9700t_firmwarecore_i7-8665ue_firmwarexeon_gold_6330core_i7-10810ucore_i3-10300tcore_i7-7820hq_firmwarecore_i3-8100core_i3-8145uecore_i7-6560u_firmwareceleron_j4025_firmwarecore_i5-6585rcore_i5-9600kcore_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqcore_i7-7600u_firmwarecore_i7-9700kf_firmwarecore_i5-6402p_firmwarecore_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kcore_i5-6600t_firmwarecore_i5-8500bcore_i3-7100e_firmwarexeon_gold_6338celeron_n2840xeon_gold_5315yxeon_platinum_8368q_firmwarecore_i5-8250u_firmwarecore_i7-7820hk_firmwarecore_i5-6600core_i3-8100hcore_i5-8400b_firmwarecore_i3-7300t_firmwareceleron_n2810core_i7-8706gcore_i3-6300core_i5-7400t_firmwarecore_i7-9700f_firmwarecore_i5-8365u_firmwareceleron_n3450_firmwareceleron_j1750_firmwarecore_i7-6500u_firmwarecore_i3-8130u_firmwarecore_i9-10885hcore_i5-10310uceleron_n4500core_i7-8557uxeon_gold_6338tceleron_n2910_firmwarecore_i5-9500_firmwarecore_i5-7440eqcore_i3-6320core_i3-9100t_firmwarecore_i3-8350k_firmwarecore_m3-7y32celeron_n5105_firmwarecore_i7-10750h_firmwarexeon_platinum_8360y_firmwarecore_i7-8557u_firmwarecore_i5-6440eqcore_i5-1030g7core_m3-7y32_firmwareceleron_j4025xeon_platinum_8376hl_firmwarexeon_platinum_8360hcore_i9-10980hkcore_i3-1000g1_firmwareceleron_n2808_firmwarecore_i7-10700k_firmwarecore_i9-10900t_firmwarexeon_gold_5320tceleron_n4100core_i3-10305_firmwarecore_i3-7100u_firmwarecore_i3-10325_firmwarecore_i7-10510y_firmwarecore_i5-7267u_firmwarecore_i7-1060g7_firmwarecore_i5-6287ucore_i7-8500yxeon_gold_6330h_firmwarecore_i7-1068ng7_firmwarecore_i5-9600tfas_biospentium_silver_n5030_firmwarepentium_silver_j5040core_i5-7400_firmwareceleron_j3060_firmwarexeon_gold_6336y_firmwareceleron_n6211core_i7-6700te_firmwarecore_i5-9600core_i5-8600tcore_i5-7200u_firmwarecore_i7-7y75_firmwareceleron_n6210_firmwareceleron_j1850_firmwarecore_i3-10320_firmwarexeon_platinum_8360hl_firmwarexeon_gold_6328hcore_i3-6100hcore_i7-7500uxeon_gold_5318s_firmwarecore_i3-10320xeon_gold_6342_firmwarecore_i3-10105fxeon_gold_5320xeon_gold_5320h_firmwarecore_i3-6098pcore_i5-6400core_i7-10875hceleron_n3060_firmwarexeon_platinum_8362_firmwarecore_i5-6300hq_firmwarecore_i3-7101tecore_i7-7700core_i5-10400hcore_i5-6440eq_firmwarecore_i5-9600kf_firmwarecore_i5-7300hqcore_i5-10505_firmwareceleron_n3050_firmwareceleron_n2810_firmwarexeon_gold_6312uceleron_j1800_firmwareceleron_j3455_firmwarecore_i9-9900t_firmwarecore_i5-6600kcore_i5-9600_firmwarecore_i7-9700exeon_platinum_8380hlcore_i7-9700tecore_i7-8500y_firmwarecore_i7-6822eq_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i5-6442eq_firmwarecore_i3-6102e_firmwarexeon_gold_5318ncore_i3-10105tcore_i9-9900k_firmwarecore_i3-8100h_firmwarecore_i7-10510u_firmwarexeon_platinum_8358_firmwarecore_i7-7700_firmwarecore_i7-6820hk_firmwarecore_i5-6500tecore_i5-6260u_firmwarecore_i3-10105t_firmwarepentium_silver_n6000core_i5-10400h_firmwarecore_i3-1000g4xeon_silver_4309ycore_i3-7100t_firmwarecore_i9-10900kfcore_i3-9100hlcore_i5-6500core_i3-10100tcore_i9-9980hk_firmwarecore_i3-9100f_firmwareceleron_n2805_firmwarexeon_gold_6314ucore_i5-8300h_firmwarecore_i9-9980hkceleron_j4125_firmwarecore_i5-8279u_firmwarecore_i5-8500b_firmwarecore_i7-7700hq_firmwarecore_i3-7100tcore_i3-6102ecore_i5-1035g4_firmwarexeon_platinum_8358p_firmwarexeon_platinum_8362core_i7-6770hqcore_i7-10610ucore_i7-9850h_firmwarexeon_platinum_8351n_firmwarecore_m5-6y54_firmwarecore_i7-7y75core_i7-8559ucore_i5-9500exeon_gold_6314u_firmwareceleron_n3010xeon_platinum_8368qcore_i5-9400core_i7-6600ucore_i3-6320_firmwarecore_i3-6100e_firmwarecore_i7-9750h_firmwarecore_i3-10325xeon_platinum_8356h_firmwarecore_i5-8500_firmwarecore_i7-8700core_i3-7130ucore_i5-8400celeron_n5100xeon_platinum_8380hcore_i3-10105f_firmwareceleron_n3000_firmwarecore_i7\+8700xeon_gold_5318sceleron_n2805core_i5-7440hq_firmwarecore_i7-9850hcore_i5-7300hq_firmwarecore_i3-10110u_firmwarecore_i5-7600core_i7-6500uceleron_n4505_firmwarecore_i5-1035g1celeron_n2808core_i5-8310y_firmwareceleron_n3060core_i3-10110ucore_i7-8665u_firmwarecore_i9-10885h_firmwarecore_i7-8086k_firmwareceleron_j6412_firmwareceleron_n4500_firmwarecore_i3-10100y_firmwarecore_i7-7567u_firmwarecore_i3-9100e_firmwareceleron_n6211_firmwarecore_i5-7442eq_firmwarecore_i3-7320_firmwarecore_i7-8569u_firmwarecore_i7-6770hq_firmwarecore_i9-10900core_i7-1065g7_firmwarecore_i5-9400tceleron_n5100_firmwarecore_i5-7360ucore_i5-7300ucore_i3-10300core_i3-8100t_firmwarecore_i5-7600_firmwarecore_i5-6600tceleron_j6413_firmwarecore_i5-6500t_firmwarecore_i5-10310u_firmwarecore_i7-8565ucore_i3-7100h_firmwarecore_i5-8400_firmwarecore_i7-6600u_firmwarecore_i7-6567u_firmwarecore_i7-7700kcore_i7-10870hcore_i7-10510ucore_i3-10100fcore_i3-6300t_firmwarecore_i9-9900_firmwarecore_i7-7920hq_firmwareceleron_n2940core_i5-8310ycore_i5-10500h_firmwarecore_i3-10300_firmwarecore_i5-6440hqcore_i7-9750hf_firmwareceleron_j1750core_i7-6660ucore_i7-6870hq_firmwarecore_i3-6100ecore_i5-7200ucore_i7-9700fcore_i5-8265u_firmwarecore_i7-6970hq_firmwarexeon_platinum_8352s_firmwarexeon_platinum_8380h_firmwareceleron_n3000core_i5-10210ucore_i7-6820hqcore_i3-7300_firmwarecore_i3-9100tcore_i5-10500xeon_platinum_8351nxeon_gold_6354_firmwarecore_i5-8400bcore_i7-8850hcore_i3-7100hcore_i9-8950hk_firmwareceleron_n2930celeron_n2830core_i5-8400h_firmwarecore_i3-6100ucore_i5-10400t_firmwarecore_i9-9900kscore_i5-6350hq_firmwarexeon_platinum_8352vceleron_n4020_firmwarecore_i3-10100_firmwarexeon_platinum_8352y_firmwarecore_i9-10900texeon_platinum_8358core_i9-8950hkcore_i5-1030g4_firmwarecore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_platinum_8360ycore_i5-10600tceleron_n3150_firmwarecore_i5-10600kf_firmwarexeon_gold_5317_firmwarecore_i5-9500te_firmwarecore_i7-7700k_firmwarexeon_gold_6336yceleron_n4505core_i9-10900e_firmwarecore_i5-9400hcore_i7-7660ucore_i3-9320core_i7-7700hqxeon_platinum_8376h_firmwarecore_i7-6820hq_firmwarecore_i7-10700f_firmwarecore_i3-10100t_firmwarecore_i5-6402pcore_m3-7y30core_i5-8269u_firmwarecore_i3-6100t_firmwarecore_i3-10105celeron_n6210xeon_silver_4309y_firmwareceleron_j3455eceleron_n4020core_i9-10900kf_firmwarecore_i7-8550ucore_i7-10810u_firmwarecore_i3-7101e_firmwareceleron_n2920_firmwarecore_i9-9880h_firmwarecore_i7-9700core_i7-6700hqcore_i3-8300core_i5-6500_firmwarecore_i3-7102e_firmwarecore_i7-9850hexeon_platinum_8360hlxeon_gold_6346_firmwareceleron_j4105core_i7-10700kfcore_i7-9850hl_firmwarecore_i5-8260u_firmwarecore_i5-8400txeon_gold_5315y_firmwarecore_i5-7500tcore_i5-6440hq_firmwarexeon_silver_4310tceleron_n4100_firmwarecore_i7-1065g7xeon_gold_5318hcore_i5-6267ucore_i3-1000g1core_i7-6660u_firmwarexeon_gold_5320_firmwarecore_i5-7y54core_i5-8257u_firmwarecore_i5-7400core_i5-1038ng7_firmwarecore_i3-6100te_firmwareceleron_n2815_firmwareceleron_j3355ecore_i5-9400f_firmwarecore_i7-8700b_firmwarecore_i3-10305t_firmwarecore_i7-8706g_firmwarecore_i5-7287ucore_i7-6567ucore_i9-10850k_firmwarecore_i5-8365ue_firmwarecore_i7-7660u_firmwarexeon_platinum_8352score_i3-6167u_firmwareceleron_n2910xeon_gold_6330n_firmwarecore_i7-7920hqcore_i7-10700core_i5-6600_firmwarecore_i5-9600t_firmwareceleron_n2940_firmwarecore_i7-10610u_firmwarecore_i5-10500e_firmwarecore_i3-7020uceleron_j3355core_i5-8600k_firmwarecore_i5-9300hfcore_i3-8145u_firmwarecore_i5-10400core_i3-9300core_i3-8145uceleron_j3355e_firmwarecore_i3-7020u_firmwarecore_i7-7567ucore_i7-8700kcore_i3-7130u_firmwarecore_i7-10870h_firmwarecore_i3-6098p_firmwareceleron_j1800core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kcore_i5-8365uecore_i3-8109uceleron_j3455core_i7-6920hq_firmwarepentium_silver_n6000_firmwarexeon_gold_6346celeron_n3160core_i5-8200y_firmwareceleron_n3160_firmwareceleron_n2830_firmwarecore_i7-10700ecore_i7-10700te_firmwarecore_i5-8350ucore_i3-7320core_i7-8750h_firmwarecore_i3-10100tecore_i5-6200u_firmwareceleron_n4000_firmwarecore_m5-6y57xeon_gold_6348h_firmwareceleron_n2807core_i5-10210u_firmwarecore_i7-9700te_firmwarecore_i3-8140u_firmwarecore_i5-7y57core_i7-6700tecore_i3-9300_firmwarecore_i3-10100te_firmwarexeon_gold_6330hcore_i5-7260ucore_i5-10600k_firmwarecore_i9-10900ecore_i5-8259u_firmwarecore_i3-9100core_i7-9750hcore_i3-6100u_firmwarepentium_silver_n6005core_i3-10110y_firmwarecore_i5-8600core_i5-8250uxeon_platinum_8380core_m3-8100y_firmwarexeon_platinum_8368core_i5-10500tecore_i7-6700_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarecore_i3-6100tecore_i7-8700bcore_i5-10500tcore_i5-10600core_i5-10500_firmwarecore_i5-10310yxeon_platinum_8352mcore_i5-10310y_firmwarecore_i3-9100tecore_i5-9300hf_firmwarecore_m5-6y57_firmwarecore_i5-8259uxeon_gold_6326_firmwarecore_i3-6006u_firmwarecore_i7-10700kcore_i3-8109u_firmwarecore_i9-9880hcore_i7-8705g_firmwarecore_i7-6650ucore_i3-9350k_firmwarecore_i5-7442eqcore_i7-8665uecore_i5-6400_firmwarecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-1035g4xeon_gold_6342core_i7-8650ucore_i5-10200hpentium_silver_n5030core_i9-9900kcore_i7-8705gceleron_n2920xeon_silver_4316celeron_n4000core_i5-10400fcore_i3-6157u_firmwarecore_i7-7600uxeon_gold_6330ncore_i5-1035g7_firmwarecore_i3-7100ecore_i7\+8700_firmwarecore_i5-9400_firmwarecore_i5-9500core_i3-7101ecore_i9-9900core_i3-8145ue_firmwarecore_i3-7350k_firmwarecore_i5-8400t_firmwarepentium_silver_n5000_firmwarecore_i7-9850hlceleron_j4005celeron_n3150xeon_platinum_8354hpentium_silver_n5000xeon_gold_6348hcore_i5-8400hcore_i5-6300ucore_i7-9750hfcore_m3-6y30core_i3-10110yxeon_gold_6334core_i5-1035g7xeon_gold_6326core_i7-7820hkcore_i5-9300h_firmwareceleron_n3350core_i5-8305gcore_i3-6100core_i3-9350kxeon_gold_6328h_firmwareceleron_n2820celeron_n2820_firmwarexeon_gold_5318h_firmwarecore_i5-7400txeon_gold_6348core_i7-8750hcore_i3-6100tceleron_n5105xeon_gold_6354core_i7-8665ucore_i3-10305tcore_i3-10100e_firmwarecore_m7-6y75_firmwareceleron_n2807_firmwarecore_i3-9350kf_firmwarecore_i5-8300hcore_i5-7440eq_firmwarecore_i3-7101te_firmwareceleron_n2806pentium_silver_n6005_firmwarecore_i3-8140uxeon_gold_5320hceleron_n3350_firmwarecore_i7-8086kcore_i5-10600kcore_i3-8350kcore_i5-7360u_firmwarecore_i5-9500e_firmwarecore_i7-9700e_firmwarecore_i7-10850hcore_i3-1005g1_firmwarecore_i5-6360u_firmwarecore_i5-9500texeon_gold_6338n_firmwarecore_i3-9100hl_firmwarecore_i5-10500te_firmwarecore_i3-10300t_firmwarecore_i5-7y54_firmwarecore_i3-8100bcore_i3-6167ucore_i5-8279ucore_i9-10900f_firmwarecore_i3-10100f_firmwarecore_m3-8100yxeon_platinum_8356hxeon_gold_6338t_firmwarecore_i5-8600kcore_i5-7267ucore_i3-7100ucore_i5-6442eqcore_i7-8700tcore_i3-7100_firmwarecore_i3-9320_firmwarecore_i7-6700k_firmwarecore_i5-7260u_firmwarexeon_gold_5320t_firmwarexeon_gold_5318y_firmwarecore_i5-7300u_firmwareceleron_n2930_firmwareceleron_j1900core_i5-6685r_firmwarecore_i7-8700t_firmwarecore_i7-10700e_firmwarecore_i3-9100te_firmwarecore_i5-6500te_firmwarecore_i5-1030g7_firmwarecore_i5-8600t_firmwarexeon_platinum_8352v_firmwarecore_i7-6700kcore_i7-6970hqxeon_gold_5318n_firmwarecore_i7-6822eqcore_i3-7300tcore_i5-8500xeon_silver_4310t_firmwarecore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwareceleron_n4120_firmwarecore_i7-6785rpentium_silver_j5005_firmwarecore_i7-6560ucore_i7-1060g7core_i7-8565u_firmwarecore_i5-8257uxeon_gold_5318ycore_i7-8569uxeon_silver_4310core_i7-10700t_firmwarecore_i9-9900txeon_platinum_8352m_firmwarecore_i7-9700_firmwarecore_i7-7700tcore_i5-6685rcore_i3-9350kfceleron_n3350e_firmwarecore_i5-6287u_firmwarecore_i5-8500tcore_i7-8809gcore_i3-10105_firmwarecore_i7-8650u_firmwarecore_i5-6400t_firmwarecore_i3-6300_firmwarecore_i7-10850h_firmwarecore_i5-6400txeon_gold_6348_firmwarecore_i3-10305core_i7-8700_firmwarecore_i7-9850he_firmwarecore_i3-7350kcore_i3-6100h_firmwarecore_i3-8300_firmwarecore_i5-10505core_i3-9100_firmwarecore_i7-6820eqcore_i7-6700xeon_silver_4310_firmwarecore_i7-6920hqxeon_platinum_8360h_firmwarecore_i5-6585r_firmwarecore_i5-7600kcore_i7-7560u_firmwarecore_i7-6820hkcore_m3-7y30_firmwarecore_i3-6006uxeon_platinum_8354h_firmwarecore_i7-10710uceleron_j3160core_i5-10300hxeon_platinum_8358pcore_i5-10210yxeon_gold_6330_firmwarecore_i3-1000g4_firmwarecore_i5-8350u_firmwarexeon_platinum_8380hl_firmwarecore_i9-9900ks_firmwarexeon_gold_6338_firmwarecore_i3-9100fcore_i5-7500t_firmwarecore_i9-10900fceleron_j3455e_firmwareceleron_n3450core_i5-1030g4core_i5-10200h_firmwarecore_i3-8100tcore_i3-6100_firmwarecore_i9-10980hk_firmwarexeon_platinum_8352ycore_i5-9500tcore_i5-10400_firmwarexeon_gold_5317celeron_n3050core_i5-6600k_firmwarecore_i7-6700hq_firmwareceleron_j1850core_i3-7102exeon_platinum_8376hlcore_i5-6200ucore_i7-10700fcore_i5-9600k_firmwarecore_i9-10900k_firmwarexeon_platinum_8353h_firmwarepentium_silver_j5005Intel(R) Processors
CVE-2022-21125
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-6.45% / 92.89%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:01
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21166
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-5.90% / 92.33%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:03
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21123
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-6.28% / 92.73%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 19:59
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21127
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-5.46% / 91.78%
||
7 Day CHG-0.05%
Published-15 Jun, 2022 | 20:02
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectDebian GNU/LinuxIntel Corporation
Product-debian_linuxsgx_dcapsgx_pswsgx_sdkxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-0854
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 37.02%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-10933
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
CVSS Score-4.1||MEDIUM
EPSS-0.27% / 18.75%
||
7 Day CHG+0.01%
Published-05 Dec, 2024 | 20:06
Updated-23 Sep, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenBSD readdir directory traversal

In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.

Action-Not Available
Vendor-OpenBSD
Product-openbsdOpenBSD
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2013-0326
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 27.80%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 16:09
Updated-06 Aug, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenStack nova base images permissions are world readable

Action-Not Available
Vendor-Debian GNU/LinuxOpenStack
Product-debian_linuxnovaopenstack-nova
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-5953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 32.11%
||
7 Day CHG~0.00%
Published-07 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-3639
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-60.63% / 99.03%
||
7 Day CHG~0.00%
Published-22 May, 2018 | 12:00
Updated-29 May, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Action-Not Available
Vendor-Oracle CorporationMicrosoft CorporationSiemens AGCanonical Ltd.Debian GNU/LinuxMitel Networks Corp.NVIDIA CorporationSchneider Electric SEIntel CorporationSonicWall Inc.Arm LimitedRed Hat, Inc.
Product-simatic_field_pg_m4enterprise_linux_desktopxeon_e3_1270_v3xeon_e3_12201_v2open_integration_gatewayxeon_e5_2630l_v2xeon_e3_1258l_v4xeon_e3_1260l_v5simatic_ipc677csimatic_ipc547gxeon_e5_2470xeon_e5_2418l_v3xeon_e5_2603_v3sinumerik_pcu_50.5_firmwaresimatic_ipc647c_firmwarexeon_e5_1630_v3simatic_ipc827dxeon_e3_1220_v3xeon_e3_1125c_v2debian_linuxsimatic_field_pg_m5_firmwareitc1900xeon_e5_2620openstackxeon_e3_1220l_v3surface_studiopentium_silveratom_exeon_e5_2609itc2200_pro_firmwarexeon_e5_2620_v2xeon_e3_1265l_v3core_i3enterprise_linux_server_ausmivoice_5000simatic_ipc477e_pro_firmwarexeon_e3_1240_v6simatic_itp1000_firmwareatom_x7-e3950windows_7simatic_s7-1500_firmwarexeon_e3_1225simatic_ipc847d_firmwarexeon_e3_1220_v5xeon_e5_1428l_v3enterprise_linux_euscortex-axeon_e5_2637_v2micloud_management_portalxeon_e3_1230_v2enterprise_linux_serversimatic_ipc677c_firmwarexeon_e5_2643mrg_realtimejetson_tx2itc1500_firmwarexeon_e3_1240_v5simatic_ipc427cxeon_e3_1230_v6sinumerik_tcu_30.3simatic_ipc547exeon_e3_1240_v2xeon_e3_1275_v5simatic_ipc627cxeon_e3_1105c_v2xeon_e5_2609_v3xeon_e3_1285_v3local_service_management_systementerprise_linux_server_tusxeon_e3_1265l_v2xeon_e5_2630_v2simatic_ipc427exeon_e3_1276_v3xeon_e5_2603_v4itc1900_proxeon_e3_1275_v6xeon_e5_2408l_v3simatic_ipc647dceleron_jxeon_e5_2418lpentium_jxeon_e5_2438l_v3simatic_ipc677d_firmwaresimatic_ipc627druggedcom_ape_firmwaresimatic_ipc427d_firmwaresinumerik_tcu_30.3_firmwarexeon_e5_1680_v3virtualization_managerxeon_e3_1268l_v5xeon_e5_1660_v4xeon_e5_2630l_v4xeon_e5_2640xeon_e3_1268l_v3simotion_p320-4ewindows_server_2016xeon_e5_2403_v2simatic_ipc647d_firmwarexeon_e3_1286_v3itc2200simatic_ipc347eubuntu_linuxxeon_e5_2623_v3xeon_e5_2450xeon_e5_2450lxeon_e5_2603_v2xeon_e5_2650l_v3xeon_e3_1280_v6enterprise_linux_workstationsinumerik_840_d_sl_firmwarexeon_e5_2628l_v2xeon_e5_2643_v4itc1900_pro_firmwarexeon_e3_1246_v3solarismivoic_mx-onemivoice_businessxeon_e3_1230_v3xeon_e3_1285l_v3xeon_e5_2430core_i7core_i5xeon_e5_2618l_v3xeon_e5_2620_v4simatic_et_200_spsimatic_ipc847c_firmwarexeon_e3_1226_v3xeon_e5_2630lsimatic_ipc547e_firmwaresimatic_ipc627c_firmwarecloud_global_management_systemvirtualizationxeon_e3_1225_v6xeon_e5xeon_e5_2430l_v2simatic_ipc477e_firmwarexeon_e5_1428l_v2xeon_e5_1620_v3xeon_e3_1260lxeon_e3_1235windows_10surface_bookxeon_e5_2407xeon_e5_2440xeon_e5_2428l_v2xeon_e5_2640_v4xeon_e3_1505l_v5itc2200_proxeon_e3_1280_v3simatic_ipc647cxeon_e3_1245xeon_e5_2618l_v4xeon_e5_2630l_v3xeon_e3_1265l_v4xeon_e7xeon_e3_1231_v3ruggedcom_apexeon_e5_2630_v4xeon_e3_1285_v6windows_server_2012xeon_e5_2618l_v2xeon_e3_1225_v2xeon_e3_1270_v6xeon_e3_1280_v2core_mxeon_e3_1245_v3simatic_ipc427c_firmwarestruxureware_data_center_expertenterprise_linuxxeon_e-1105cjetson_tx1sinema_remote_connect_firmwarexeon_e3_1290xeon_e5_2470_v2xeon_e5_2623_v4simatic_ipc477cglobal_management_systemxeon_e3_1245_v2xeon_e3_1240l_v5simatic_ipc3000_smartxeon_e5_2643_v3xeon_e5_2640_v3itc1500_prosimotion_p320-4e_firmwarexeon_e3_1280xeon_e5_1650xeon_e5_2648l_v3xeon_e5_2609_v4xeon_e3_1505l_v6xeon_goldxeon_e3_1230xeon_e3_1270_v2xeon_e3_1501l_v6xeon_e5_2648l_v4xeon_e3_1275_v3xeon_e3_1220_v6xeon_e3_1281_v3xeon_e5_1650_v3simatic_ipc627d_firmwarexeon_e3_1505m_v5celeron_nsurface_pro_with_lte_advancedxeon_e3_1275l_v3xeon_e3_1501m_v6itc1500xeon_e5_2609_v2surfacexeon_e3_1275_v2atom_x5-e3940xeon_e3_1240mivoice_connectsimatic_itp1000xeon_e5_2430lxeon_e3_1245_v5xeon_e3_1278l_v4xeon_e5_2418l_v2xeon_e5_1680_v4xeon_silverxeon_e5_1660_v2simatic_ipc3000_smart_firmwarexeon_e3_1270_v5xeon_e5_2650itc1900_firmwarexeon_e3_1286l_v3xeon_e3_1230_v5atom_x5-e3930xeon_e5_2643_v2simatic_ipc827c_firmwareatom_cxeon_e5_2450l_v2xeon_e5_2420simatic_ipc827cxeon_e5_2448l_v2xeon_e5_2608l_v4xeon_e5_1620_v4xeon_e5_2630_v3simatic_ipc847cxeon_e3_1230l_v3email_securityxeon_e5_2407_v2xeon_e5_2403xeon_e5_2637_v4xeon_e5_2430_v2xeon_e5_2637xeon_e5_1660simatic_ipc677ditc2200_firmwareweb_application_firewallxeon_e3_1290_v2xeon_e5_1428lxeon_e3_1285l_v4xeon_e5_2630xeon_e3_1285_v4simatic_ipc427e_firmwarexeon_e3_1225_v3xeon_e5_2650l_v2xeon_e3_1225_v5xeon_e5_1630_v4simatic_s7-1500pentiumxeon_e3_1240_v3xeon_e5_2428lwindows_8.1xeon_e5_1620_v2simatic_et_200_sp_firmwaresimatic_ipc347e_firmwarexeon_e5_1650_v4xeon_e5_2648l_v2simatic_ipc477c_firmwarexeon_e3_1270xeon_e5_2608l_v3simatic_field_pg_m5xeon_e3_1280_v5xeon_e5_1660_v3sinumerik_pcu_50.5atom_zxeon_e3_12201secure_mobile_accessxeon_e3_1241_v3simatic_ipc427dsimatic_ipc847dsimatic_ipc477e_proxeon_e5_2620_v3itc1500_pro_firmwarexeon_e5_1650_v2xeon_e5_2648lxeon_e5_2637_v3xeon_e5_2650_v4xeon_e5_2448lsimatic_ipc827d_firmwarexeon_e5_2650_v3simatic_ipc547g_firmwarexeon_e3_1271_v3xeon_platinumxeon_e5_2628l_v3simatic_ipc477d_firmwaresinumerik_840_d_slsimatic_field_pg_m4_firmwaresurface_prosimatic_ipc477exeon_e3_1235l_v5xeon_e5_2450_v2windows_server_2008sonicosvsinema_remote_connectxeon_e5_2640_v2micollabxeon_e5_2628l_v4mivoice_border_gatewayxeon_e5_1620xeon_e5_2650_v2xeon_e5_2650lxeon_e5_2603xeon_e5_2428l_v3xeon_e3_1240l_v3xeon_e5_2420_v2xeon_e3_1220_v2xeon_e5_2440_v2simatic_ipc477dxeon_e3_1245_v6xeon_e3Multiple
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-38558
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 6.15%
||
7 Day CHG~0.00%
Published-14 Sep, 2023 | 10:39
Updated-27 Feb, 2025 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.

Action-Not Available
Vendor-Siemens AG
Product-simatic_pcs_neoSIMATIC PCS neo (Administration Console) V4.0 Update 1SIMATIC PCS neo (Administration Console) V4.0
CWE ID-CWE-538
Insertion of Sensitive Information into Externally-Accessible File or Directory
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2021-42015
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 12.47%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache.

Action-Not Available
Vendor-mendixSiemens AG
Product-mendixMendix Applications using Mendix 7Mendix Applications using Mendix 9Mendix Applications using Mendix 8
CWE ID-CWE-525
Use of Web Browser Cache Containing Sensitive Information
CVE-2023-30757
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.2||MEDIUM
EPSS-0.12% / 2.18%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 08:17
Updated-10 Dec, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions). The know-how protection feature in affected products does not properly update the encryption of existing program blocks when a project file is updated. This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password.

Action-Not Available
Vendor-Siemens AG
Product-totally_integrated_automation_portalTotally Integrated Automation Portal (TIA Portal) V15Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V18Totally Integrated Automation Portal (TIA Portal) V15.1Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V19Totally Integrated Automation Portal (TIA Portal) V20
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2022-0487
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 34.15%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-416
Use After Free
CVE-2020-10685
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.38% / 29.56%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.
Product-ceph_storagedebian_linuxopenstackstorageansible_engineansible_towerAnsible
CWE ID-CWE-459
Incomplete Cleanup
CVE-2021-45095
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.75%
||
7 Day CHG~0.00%
Published-16 Dec, 2021 | 03:37
Updated-04 Aug, 2024 | 04:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-27538
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-7.7||HIGH
EPSS-1.16% / 63.35%
||
7 Day CHG~0.00%
Published-30 Mar, 2023 | 00:00
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectDebian GNU/LinuxBroadcom Inc.Splunk LLC (Cisco Systems, Inc.)CURL
Product-debian_linuxbrocade_fabric_operating_system_firmwareh700sh300sh410s_firmwareuniversal_forwarderfedorah300s_firmwareh700s_firmwareh500sh500s_firmwarelibcurlclustered_data_ontapactive_iq_unified_managerh410shttps://github.com/curl/curl
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CVE-2021-40364
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 14.06%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-04 Aug, 2024 | 02:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winccsimatic_pcs_7SIMATIC WinCC V15 and earlierSIMATIC WinCC V17SIMATIC PCS 7 V9.1SIMATIC PCS 7 V9.0SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC WinCC V16SIMATIC PCS 7 V8.2
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-38633
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-2.13% / 79.73%
||
7 Day CHG~0.00%
Published-22 Jul, 2023 | 00:00
Updated-02 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

Action-Not Available
Vendor-n/aThe GNOME ProjectDebian GNU/LinuxFedora Project
Product-librsvgdebian_linuxfedoran/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2017-14737
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.32% / 23.64%
||
7 Day CHG~0.00%
Published-26 Sep, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.

Action-Not Available
Vendor-botan_projectn/aDebian GNU/Linux
Product-debian_linuxbotann/a
CVE-2021-26933
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.33% / 24.56%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 01:05
Updated-03 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoran/a
CVE-2016-7440
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 22.17%
||
7 Day CHG~0.00%
Published-13 Dec, 2016 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Action-Not Available
Vendor-wolfssln/aDebian GNU/LinuxMariaDB FoundationOracle Corporation
Product-mariadbmysqldebian_linuxwolfssln/a
CVE-2021-26313
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.33% / 24.71%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 11:23
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AMD Speculative Code Store Bypass

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.

Action-Not Available
Vendor-Xen ProjectAdvanced Micro Devices, Inc.Intel CorporationDebian GNU/LinuxBroadcom Inc.Arm Limited
Product-debian_linuxcore_i7-7700kryzen_5_5600xxeon_silver_4214core_i7-10700kryzen_threadripper_2990wxcortex-a72xenryzen_7_2700xcore_i9-9900kbcm2711All supported processors
CWE ID-CWE-208
Observable Timing Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2016-5337
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 34.39%
||
7 Day CHG-0.00%
Published-14 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMUDebian GNU/Linux
Product-debian_linuxubuntu_linuxqemun/a
CVE-2016-2178
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-1.17% / 63.71%
||
7 Day CHG~0.00%
Published-20 Jun, 2016 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle CorporationSUSEOpenSSLDebian GNU/LinuxNode.js (OpenJS Foundation)
Product-debian_linuxubuntu_linuxnode.jslinux_enterprisesolarislinuxopenssln/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2021-34999
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-3.8||LOW
EPSS-0.24% / 15.19%
||
7 Day CHG~0.00%
Published-07 May, 2024 | 22:54
Updated-14 Aug, 2025 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-14540.

Action-Not Available
Vendor-OpenBSD
Product-openbsdKernelopenbsd
CWE ID-CWE-908
Use of Uninitialized Resource
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found