Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-51384

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Dec, 2023 | 00:00
Updated At-28 May, 2026 | 18:51
Rejected At-
Credits

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Dec, 2023 | 00:00
Updated At:28 May, 2026 | 18:51
Rejected At:
▼CVE Numbering Authority (CNA)

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.openssh.com/txt/release-9.6
N/A
https://www.openwall.com/lists/oss-security/2023/12/18/2
N/A
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
N/A
https://www.debian.org/security/2023/dsa-5586
vendor-advisory
https://security.netapp.com/advisory/ntap-20240105-0005/
N/A
https://support.apple.com/kb/HT214084
N/A
http://seclists.org/fulldisclosure/2024/Mar/21
mailing-list
Hyperlink: https://www.openssh.com/txt/release-9.6
Resource: N/A
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Resource: N/A
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Resource: N/A
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Resource:
vendor-advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Resource: N/A
Hyperlink: https://support.apple.com/kb/HT214084
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Resource:
mailing-list
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.openssh.com/txt/release-9.6
x_transferred
https://www.openwall.com/lists/oss-security/2023/12/18/2
x_transferred
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
x_transferred
https://www.debian.org/security/2023/dsa-5586
vendor-advisory
x_transferred
https://security.netapp.com/advisory/ntap-20240105-0005/
x_transferred
https://support.apple.com/kb/HT214084
x_transferred
http://seclists.org/fulldisclosure/2024/Mar/21
mailing-list
x_transferred
Hyperlink: https://www.openssh.com/txt/release-9.6
Resource:
x_transferred
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Resource:
x_transferred
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Resource:
x_transferred
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Resource:
vendor-advisory
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Resource:
x_transferred
Hyperlink: https://support.apple.com/kb/HT214084
Resource:
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Resource:
mailing-list
x_transferred
2.
Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Vendor
Siemens AGSiemens
Product
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP
Default Status
unknown
Versions
Affected
  • From V3.1.5 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://cert-portal.siemens.com/productcert/html/ssa-794697.html
N/A
https://cert-portal.siemens.com/productcert/html/ssa-769027.html
N/A
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-794697.html
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Resource: N/A
3. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-284CWE-284 Improper Access Control
Type: CWE
CWE ID: CWE-284
Description: CWE-284 Improper Access Control
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Dec, 2023 | 19:15
Updated At:28 May, 2026 | 20:16

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches

OpenBSD
openbsd
>>openssh>>Versions from 8.9(inclusive) to 9.6(exclusive)
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>12.0
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-284Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://seclists.org/fulldisclosure/2024/Mar/21cve@mitre.org
Mailing List
Third Party Advisory
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754bcve@mitre.org
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240105-0005/cve@mitre.org
Third Party Advisory
https://support.apple.com/kb/HT214084cve@mitre.org
Third Party Advisory
https://www.debian.org/security/2023/dsa-5586cve@mitre.org
Third Party Advisory
https://www.openssh.com/txt/release-9.6cve@mitre.org
Release Notes
https://www.openwall.com/lists/oss-security/2023/12/18/2cve@mitre.org
Mailing List
Release Notes
http://seclists.org/fulldisclosure/2024/Mar/21af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754baf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240105-0005/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.apple.com/kb/HT214084af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.debian.org/security/2023/dsa-5586af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.openssh.com/txt/release-9.6af854a3a-2127-422b-91ae-364da2661108
Release Notes
https://www.openwall.com/lists/oss-security/2023/12/18/2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Release Notes
https://cert-portal.siemens.com/productcert/html/ssa-082556.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
https://cert-portal.siemens.com/productcert/html/ssa-769027.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
https://cert-portal.siemens.com/productcert/html/ssa-794697.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://support.apple.com/kb/HT214084
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.openssh.com/txt/release-9.6
Source: cve@mitre.org
Resource:
Release Notes
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Source: cve@mitre.org
Resource:
Mailing List
Release Notes
Hyperlink: http://seclists.org/fulldisclosure/2024/Mar/21
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20240105-0005/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://support.apple.com/kb/HT214084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2023/dsa-5586
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.openssh.com/txt/release-9.6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Hyperlink: https://www.openwall.com/lists/oss-security/2023/12/18/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Release Notes
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-794697.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

266Records found

CVE-2021-35477
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 36.67%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 03:57
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2022-41946
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.48% / 37.95%
||
7 Day CHG-0.01%
Published-23 Nov, 2022 | 00:00
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc

pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will create a temporary file which is readable by other users on Unix like systems, but not MacOS. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. Java 1.7 and higher users: this vulnerability is fixed in 4.5.0. Java 1.6 and lower users: no patch is available. If you are unable to patch, or are stuck running on Java 1.6, specifying the java.io.tmpdir system environment variable to a directory that is exclusively owned by the executing user will mitigate this vulnerability.

Action-Not Available
Vendor-pgjdbcDebian GNU/LinuxThe PostgreSQL Global Development Group
Product-debian_linuxpostgresql_jdbc_driverpgjdbc
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2023-4569
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 19.98%
||
7 Day CHG~0.00%
Published-28 Aug, 2023 | 21:46
Updated-27 Feb, 2025 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.Fedora Project
Product-debian_linuxlinux_kernelenterprise_linuxRed Hat Enterprise Linux 9FedoraRed Hat Enterprise Linux 7KernelRed Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-402
Transmission of Private Resources into a New Sphere ('Resource Leak')
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-34556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 33.75%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 04:02
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-3773
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 14.69%
||
7 Day CHG~0.00%
Published-25 Jul, 2023 | 15:47
Updated-14 Nov, 2025 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattr

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxRed Hat, Inc.Linux Kernel Organization, Inc
Product-debian_linuxlinux_kernelfedoraenterprise_linuxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-8698
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.51% / 39.70%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:01
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Debian GNU/LinuxSiemens AGIntel CorporationFedora Project
Product-solidfire_bioshci_storage_nodecore_i5-1030g7core_i3-1000g4core_i7-1060g7simatic_ipc677ecore_i5-1035g1hci_compute_nodecore_i7-1160g7core_i5-1035g7core_i5-1135g7core_i3-1000g1clustered_data_ontapsimatic_ipc647e_firmwarefedorasimatic_ipc627e_firmwarecore_i7-1185g7simatic_field_pg_m6_firmwaresimatic_ipc477esimatic_ipc627ecore_i7-1165g7simatic_field_pg_m5simatic_ipc847e_firmwaresimatic_itp1000microcodecore_i3-1115g4core_i5-1030g4simatic_ipc477e_firmwarehci_compute_node_biossimatic_ipc427e_firmwarecore_i3-1110g4simatic_ipc847esimatic_ipc427ecore_i3-1005g1simatic_field_pg_m6simatic_ipc477e_prosimatic_field_pg_m5_firmwaresolidfiresimatic_ipc477e_pro_firmwaresimatic_ipc677e_firmwaredebian_linuxsimatic_itp1000_firmwarecore_i7-1065g7core_i5-1035g4core_i5-1130g7hci_storage_node_biossimatic_ipc647ecore_i3-1120g4core_i3-1125g4Intel(R) Processors
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2021-34693
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.47% / 37.43%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 00:00
Updated-04 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2021-0561
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 36.97%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 11:00
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

Action-Not Available
Vendor-n/aGoogle LLCFedora ProjectDebian GNU/Linux
Product-androiddebian_linuxfedoraAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31829
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 22.34%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 15:43
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-29155
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.07% / 60.77%
||
7 Day CHG~0.00%
Published-20 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2013-1425
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 25.95%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 20:40
Updated-06 Aug, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.

Action-Not Available
Vendor-ldap_git_backup_projectldap-git-backupDebian GNU/Linux
Product-ldap_git_backupdebian_linuxldap-git-backup
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-29647
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.37% / 28.64%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 20:36
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelfedoran/a
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2012-5476
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 31.81%
||
7 Day CHG~0.00%
Published-30 Dec, 2019 | 19:02
Updated-06 Aug, 2024 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.

Action-Not Available
Vendor-Debian GNU/LinuxOpenStack
Product-horizondebian_linuxopenstack-dashboard
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-20593
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-5.79% / 92.21%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 19:38
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

Action-Not Available
Vendor-Xen ProjectAdvanced Micro Devices, Inc.Debian GNU/Linux
Product-epyc_7302pryzen_9_3950xryzen_3_pro_4350g_firmwareryzen_3_5300uepyc_7742_firmwareepyc_7702pepyc_7552_firmwareepyc_7f32_firmwareepyc_7f52_firmwareepyc_7272_firmwareepyc_7302p_firmwareryzen_7_5700u_firmwareepyc_7232p_firmwareryzen_threadripper_3960xepyc_7402epyc_7662epyc_7662_firmwareryzen_5_5500uryzen_9_3900xepyc_7452ryzen_threadripper_3990x_firmwareepyc_7542epyc_7f72ryzen_3_4300g_firmwareryzen_7_pro_4750geryzen_threadripper_pro_3975wx_firmwareathlon_gold_7220uryzen_3_pro_4350ge_firmwareepyc_7262_firmwareepyc_7f72_firmwareepyc_7f52ryzen_9_3900_firmwareryzen_3_pro_4200g_firmwareryzen_7_3800xryzen_7_4700gryzen_3_4300gepyc_7402p_firmwareryzen_7_4700g_firmwareepyc_7282_firmwareepyc_7282ryzen_7_3800x_firmwareryzen_9_3950x_firmwareryzen_3_3300x_firmwareryzen_5_3500_firmwareepyc_7702ryzen_5_pro_4650gepyc_7272epyc_7532_firmwareryzen_7_3700x_firmwareepyc_7352_firmwareryzen_threadripper_3990xepyc_7302epyc_7352ryzen_7_4700geepyc_7232pathlon_gold_7220u_firmwareryzen_7_5700uryzen_threadripper_3970x_firmwareryzen_5_pro_4650g_firmwareepyc_7252ryzen_3_pro_4450u_firmwareepyc_7552ryzen_9_pro_3900_firmwareryzen_5_3600xt_firmwareryzen_3_3100_firmwareryzen_5_7520u_firmwareryzen_7_3800xtepyc_7542_firmwareryzen_3_4300ge_firmwareryzen_3_pro_4200gepyc_7h12epyc_7502ryzen_3_3300xepyc_7452_firmwareryzen_5_3600x_firmwareryzen_5_3500ryzen_threadripper_pro_3955wxryzen_threadripper_pro_3995wxxenryzen_7_pro_4750g_firmwareryzen_7_pro_4750ge_firmwareepyc_7642ryzen_3_7320uepyc_7702p_firmwareepyc_7502pryzen_5_pro_4400g_firmwareryzen_threadripper_pro_3945wx_firmwareepyc_7502p_firmwareryzen_9_pro_3900ryzen_7_3700xepyc_7252_firmwareryzen_5_pro_4650ge_firmwareryzen_threadripper_3960x_firmwareryzen_5_3600xtryzen_5_3600xryzen_3_7320u_firmwareryzen_3_4300geryzen_9_3900xt_firmwareryzen_5_7520uepyc_7302_firmwareepyc_7502_firmwareryzen_7_3800xt_firmwareryzen_5_3500xryzen_5_4600ge_firmwareryzen_7_pro_4750gepyc_7f32ryzen_5_pro_4650geepyc_7402pryzen_threadripper_pro_3945wxepyc_7642_firmwareryzen_threadripper_pro_3995wx_firmwareryzen_3_pro_4350gryzen_threadripper_pro_3975wxryzen_3_pro_4450uryzen_9_3900x_firmwareepyc_7532ryzen_7_pro_4750u_firmwareryzen_threadripper_pro_3955wx_firmwareepyc_7742ryzen_5_3600_firmwareryzen_9_3900xtryzen_5_3500x_firmwareryzen_7_4700ge_firmwareryzen_5_4600geryzen_5_4600g_firmwareryzen_3_5300u_firmwareryzen_5_3600ryzen_threadripper_3970xryzen_3_3100ryzen_7_pro_4750uepyc_7702_firmwareryzen_5_4600gepyc_7402_firmwareryzen_9_3900ryzen_5_5500u_firmwaredebian_linuxryzen_5_pro_4400gepyc_7h12_firmwareryzen_3_pro_4350geepyc_72622nd Gen AMD EPYC™ ProcessorsRyzen™ 5000 Series Mobile processors with Radeon™ Graphics “Lucienne”Ryzen™ 3000 Series Desktop Processors “Matisse” AM4Ryzen™ 4000 Series Mobile processors with Radeon™ Graphics “Renoir”Ryzen™ 7020 Series processors “Mendocino” FT6Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP33rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTAMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2023-20588
Matching Score-8
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-8
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-12.40% / 95.71%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 17:06
Updated-17 Oct, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Speculative Leaks

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

Action-Not Available
Vendor-Debian GNU/LinuxMicrosoft CorporationXen ProjectFedora ProjectAdvanced Micro Devices, Inc.
Product-windows_server_2022_23h2athlon_gold_pro_3150ge_firmwareryzen_3_pro_3200ge_firmwareepyc_7371_firmwareepyc_7261epyc_7451ryzen_5_pro_3400g_firmwareryzen_3_3200gewindows_11_21h2epyc_7551_firmwareryzen_5_pro_3350ge_firmwareathlon_silver_pro_3125ge_firmwarewindows_10_21h2epyc_7351p_firmwareathlon_pro_300gefedoraathlon_gold_pro_3150gwindows_10_22h2epyc_7571_firmwareryzen_5_pro_3400gepyc_7401pryzen_5_3400gepyc_7281_firmwareathlon_silver_pro_3125geepyc_7601ryzen_5_pro_3350geryzen_3_pro_3200geryzen_3_pro_3200g_firmwareepyc_7371athlon_pro_300ge_firmwareryzen_3_3200g_firmwareryzen_3_pro_3200gathlon_silver_3050gedebian_linuxepyc_7451_firmwareryzen_3_3200gepyc_7281epyc_7551windows_11_22h2epyc_7301epyc_7551pwindows_server_2008epyc_7401p_firmwareathlon_gold_3150gwindows_server_2016athlon_silver_3050ge_firmwarewindows_server_2012epyc_7351pepyc_7551p_firmwarewindows_10_1507ryzen_5_pro_3350g_firmwareepyc_7601_firmwareepyc_7351_firmwareepyc_7251epyc_7401epyc_7571athlon_gold_pro_3150gexenwindows_10_1607athlon_gold_pro_3150g_firmwareathlon_gold_3150geepyc_7251_firmwareepyc_7401_firmwareryzen_5_pro_3400geryzen_5_pro_3350gryzen_3_3200ge_firmwareryzen_5_3400g_firmwareepyc_7351epyc_7261_firmwarewindows_11_23h2windows_10_1809ryzen_5_pro_3400ge_firmwareathlon_gold_3150ge_firmwareepyc_7501epyc_7501_firmwareathlon_gold_3150g_firmwareepyc_7301_firmwarewindows_server_2019Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics EPYC™ 7001 ProcessorsRyzen™ PRO 3000 Series Processors with Radeon™ Vega GraphicsAthlon™ 3000 Series Processors with Radeon™ Graphics Ryzen™ 3000 Series Processors with Radeon™ Graphics
CWE ID-CWE-369
Divide By Zero
CVE-2019-2101
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 31.98%
||
7 Day CHG~0.00%
Published-07 Jun, 2019 | 19:41
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-111760968.

Action-Not Available
Vendor-Canonical Ltd.AndroidGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-34677
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 20.36%
||
7 Day CHG~0.00%
Published-30 Dec, 2022 | 00:00
Updated-11 Apr, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.

Action-Not Available
Vendor-Red Hat, Inc.Citrix (Cloud Software Group, Inc.)Debian GNU/LinuxVMware (Broadcom Inc.)Linux Kernel Organization, IncNVIDIA Corporation
Product-debian_linuxlinux_kernelgpu_display_driverenterprise_linux_kernel-based_virtual_machinevirtual_gpuhypervisornvsteslavspherequadrocloud_gaminggeforcertxvGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2025-40760
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.12% / 2.41%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 20:20
Updated-12 Nov, 2025 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes for privileged accounts, which can then be subjected to offline brute-force attacks.

Action-Not Available
Vendor-Siemens AG
Product-Altair Grid Engine
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2025-40572
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.12% / 2.25%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to access sensitive information stored on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2009-1073
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.92% / 56.08%
||
7 Day CHG~0.00%
Published-31 Mar, 2009 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-debian_linuxnss-ldapn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-50302
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.5||MEDIUM
EPSS-0.81% / 52.41%
||
7 Day CHG~0.00%
Published-19 Nov, 2024 | 01:30
Updated-23 May, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-25||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
HID: core: zero-initialize the report buffer

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

Action-Not Available
Vendor-Debian GNU/LinuxGoogle LLCSiemens AGLinux Kernel Organization, Inc
Product-debian_linuxandroidlinux_kernelLinuxSCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 familySIMATIC S7-1500 TM MFP - GNU/Linux subsystemRUGGEDCOM RST2428PSCALANCE XCM-/XRM-/XCH-/XRH-300 familyKernel
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2022-46141
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.2||MEDIUM
EPSS-0.14% / 3.84%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:25
Updated-25 Nov, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-simatic_step_7SIMATIC STEP 7 (TIA Portal)
CWE ID-CWE-316
Cleartext Storage of Sensitive Information in Memory
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2012-0842
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 30.10%
||
7 Day CHG~0.00%
Published-19 Nov, 2019 | 14:53
Updated-06 Aug, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

surf: cookie jar has read access from other local user

Action-Not Available
Vendor-sucklesssurfDebian GNU/Linux
Product-debian_linuxsurfsurf
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-4915
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.51% / 39.92%
||
7 Day CHG~0.00%
Published-20 Feb, 2020 | 17:03
Updated-07 Aug, 2024 | 00:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelLinux kernel
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-21290
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-1.78% / 75.52%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 20:10
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method "File.createTempFile" on unix-like systems creates a random file, but, by default will create this file with the permissions "-rw-r--r--". Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's "AbstractDiskHttpData" is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own "java.io.tmpdir" when you start the JVM or use "DefaultHttpDataFactory.setBaseDir(...)" to set the directory to something that is only readable by the current user.

Action-Not Available
Vendor-quarkusThe Netty ProjectNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-banking_trade_finance_process_managementdebian_linuxquarkuscommunications_messaging_servernettynosql_databasecommunications_design_studioactive_iq_unified_managerbanking_corporate_lending_process_managementcloud_secure_agentbanking_credit_facilities_process_managementcommunications_brm_-_elastic_charging_enginesnapcenternetty
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-379
Creation of Temporary File in Directory with Insecure Permissions
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2020-8695
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 33.23%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:03
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationFedora ProjectDebian GNU/Linux
Product-xeon_e3-1501m_firmwarepentium_g4500_firmwarepentium_silver_n5000_firmwareceleron_3955u_firmwarexeon_e3-1235lpentium_4415ycore_i3-6300core_i5-1035g7core_i3-6100e_firmwarepentium_gold_g5420xeon_e-2124g_firmwarecore_i7-9700kfpentium_gold_g5420t_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarecore_i5-8400hceleron_g3940pentium_gold_g5420_firmwarecore_i5-7y54xeon_e3-1535m_firmwarecore_i7-1060g7_firmwarecore_i3-7007u_firmwarecore_i7-6650u_firmwarecore_i9-9900kfpentium_g4400tceleron_g3920t_firmwarepentium_gold_g5400tcore_i3-10100f_firmwarexeon_e3-1268lcore_i7-8670core_i5-1035g4core_i3-8145ucore_i7-6822eqcore_i5-7210u_firmwarecore_i7-6700tecore_i3-7020ucore_i7-6567u_firmwarecore_i3-8109uxeon_e3-1565l_firmwarecore_i7-7600ucore_i5-9400f_firmwarecore_i5-7y57_firmwarecore_i3-6100t_firmwarecore_i3-7100e_firmwarecore_i3-7100exeon_e3-1275_firmwarecore_i5-6442eq_firmwarecore_i5-8269u_firmwarexeon_e-2278gexeon_e3-1268l_firmwarexeon_e-2134_firmwarecore_i5-6287u_firmwarexeon_e3-1578l_firmwarecore_m5-6y54core_i5-6600kceleron_n4100core_i3-7120t_firmwareceleron_g3940_firmwarecore_i7-7600u_firmwarepentium_g4520_firmwarecore_i5-8400bcore_i7-10610u_firmwarepentium_g4420core_i7-10710u_firmwarecore_i7-7820hkcore_i5-6500te_firmwarecore_i5-8550core_i5-8400h_firmwareceleron_n4120core_i7-6970hqcore_i5-7500ucore_i3-6120tceleron_3865u_firmwarecore_i5-8600xeon_e3-1225xeon_e-2136celeron_g3930tecore_i7-9700kcore_i5-9400_firmwarecore_i7-8500y_firmwareceleron_3865ucore_i3-8100core_i7-1060g7core_i7-7740x_firmwarecore_i9-10900xeon_e3-1545mpentium_g4520t_firmwarecore_m7-6y75xeon_e3-1270_firmwarecore_i5-6600t_firmwareceleron_g4900tcore_m3-6y30fedoraceleron_3855u_firmwarecore_4205ucore_i5-7287u_firmwarecore_i7-7700celeron_g3900te_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kxeon_e-2124_firmwarecore_i7-8700k_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hceleron_g3900_firmwarecore_i5-8365ucore_i5-9600kfcore_i5-8500b_firmwarepentium_4410ycore_i3-7100u_firmwarecore_i5-7600core_i3-6100h_firmwarexeon_e-2286mcore_i5-1030g4_firmwarecore_i7-10750hcore_i3-7120_firmwarecore_i7-7820eq_firmwarecore_i5-8550_firmwarecore_i3-8300core_i3-1000g4xeon_e-2186gcore_i5-7267u_firmwarecore_i5-7400tpentium_4415y_firmwarexeon_e3-1535mxeon_e3-1505m_firmwarexeon_e-2174gcore_i7-8809gceleron_j4105core_i5-7260ucore_i7-8700bcore_i5-8420_firmwarecore_i3-8000t_firmwarecore_i7-7500u_firmwarecore_i5-7267ucore_i3-8020_firmwarecore_i7-7820hk_firmwarecore_i9-9900kf_firmwarecore_i7-6560uxeon_e3-1505lpentium_g4420tcore_i5-8300hcore_i5-8600t_firmwarecore_i5-6600_firmwareceleron_j4125_firmwarepentium_gold_g5500tpentium_g4400_firmwarecore_i7-8510y_firmwarexeon_e3-1565lcore_i3-7110u_firmwarecore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i5-9600kf_firmwarexeon_e3-1260lcore_i7-7510u_firmwarecore_i7-9750hfceleron_g4920core_i5-9300h_firmwarecore_i3-6167upentium_silver_j5005xeon_e-2278gelcore_i5-8400b_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarecore_i7-7740xxeon_e3-1240_firmwarecore_i7-6500ucore_i3-7110ucore_i7-6500u_firmwarecore_i3-8120celeron_g3902exeon_e-2124core_i9-9880hcore_i5-7287ucore_i7-10710ucore_i5-8500t_firmwarexeon_e3-1558ldebian_linuxcore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_e-2136_firmwarecore_i5-6300ucore_i7-8565ucore_i5-7300hq_firmwarexeon_e3-1245core_i5-7300hqcore_i7-7560ucore_i7-8706g_firmwarecore_i5-6600k_firmwarepentium_gold_g5420tcore_i3-6110u_firmwarecore_i3-6100hcore_i5-7400t_firmwarecore_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259upentium_gold_g5500xeon_e-2146g_firmwarecore_i8350kcore_i7-8850h_firmwarecore_m7-6y75_firmwarecore_i7-6700hqpentium_g4500t_firmwarecore_i7-9700kf_firmwarecore_i7-9850h_firmwarecore_i5-6350hqxeon_e3-1515m_firmwarecore_i7-6660u_firmwarecore_i5-7600tcore_i3-6100te_firmwarecore_i5-6350hq_firmwarexeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550ucore_i3-6120_firmwarexeon_e3-1505mcore_i5-6310u_firmwareceleron_j4025core_i5-8310y_firmwarecore_i5-6400_firmwarecore_i7-6650ucore_i5-9300hcore_i5-6210uxeon_e3-1240core_i9-10900_firmwarecore_i7-8559u_firmwarecore_i7-10610ucore_i5-1035g1_firmwarecore_i7-8665u_firmwarexeon_e-2176g_firmwarecore_i3-6100tcore_i7-8500ycore_i5-9400hcore_i7-7567uxeon_e3-1240l_firmwareceleron_g3900e_firmwarecore_i3-8145u_firmwarepentium_4405u_firmwarecore_i3-7367ucore_i3-7340_firmwarecore_i7-7660u_firmwarecore_i7-7820hqcore_i5-6260u_firmwarecore_i5-8210yceleron_g3920tcore_i7-8750h_firmwarecore_i3-6100ecore_i3-8300t_firmwarecore_i3-8109u_firmwarecore_i5-7400_firmwarexeon_e3-1280xeon_e3-1260l_firmwareceleron_3955ucore_i7-9700k_firmwarexeon_e-2288g_firmwareceleron_n4000core_i5-7y54_firmwarepentium_4405y_firmwarecore_i7-6567uxeon_e-2176m_firmwarexeon_e-2174g_firmwarecore_i3-7101ecore_i9-8950hk_firmwarecore_i5-8500core_i7-6870hq_firmwarecore_i3-8000_firmwarecore_i5-7600_firmwarecore_i7-7510ucore_i8130ucore_i7-8510ycore_i5-6267u_firmwarecore_i5-8265ucore_i3-7007ucore_i5-6300hqcore_i3-6110ucore_i5-6440hqcore_i7-7y75pentium_gold_g5400t_firmwarecore_i7-7560u_firmwarecore_i7-6700core_i5-7y57celeron_g3920_firmwarexeon_e-2486g_firmwarepentium_silver_j5040core_i5-7500tcore_i5-9600k_firmwarepentium_gold_g5500_firmwarecore_i8350k_firmwarepentium_gold_g5600celeron_j4125core_i3-6102e_firmwarexeon_e3-1230_firmwarecore_i7-7700kcore_i7-8705gpentium_g4540_firmwarecore_i7-8665ucore_i3-8300tcore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i3-8120_firmwarecore_i7-8706gcore_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_e-2126g_firmwarecore_i5-6310ucore_i5-7500u_firmwarecore_i7-8700core_i5-8259u_firmwarexeon_e3-1501lcore_i3-6300tcore_i3-7130u_firmwarecore_i5-8400core_i3-6120core_i7-8705g_firmwarecore_i7-7700tcore_i5-7260u_firmwarepentium_gold_g5500t_firmwarecore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqcore_i7-8700kxeon_e-2486gcore_i5-7200u_firmwarecore_i5-8600k_firmwarecore_i5-7442eqxeon_e-2134xeon_e3-1545m_firmwarepentium_g4500txeon_e3-1515mcore_i5-1030g7core_i5-7442eq_firmwarexeon_e-2144g_firmwarecore_i3-1000g1core_i5-7360u_firmwarecore_i5-8210y_firmwarecore_i5-6442eqcore_i5-8420tcore_i5-9600kceleron_g3900core_i3-6300_firmwarecore_i7-7700hqceleron_g4900t_firmwarecore_i3-8100hxeon_e3-1225_firmwarecore_i7-6870hqpentium_g4500core_i5-8350ucore_i3-1005g1_firmwareceleron_n4000_firmwarecore_i3-6320t_firmwarecore_i5-7300ucore_i5-6440hq_firmwarecore_m3-6y30_firmwarepentium_4415u_firmwarecore_i5-8500tceleron_3965y_firmwarecore_i5-7500core_i5-6400core_i5-7200upentium_g4540core_i5-8350u_firmwarecore_i7-8700b_firmwareceleron_g3930ecore_i9-8950hkpentium_g4520pentium_4405ucore_i7-6820hq_firmwarecore_i3-6320_firmwarecore_i7-7920hqxeon_e3-1575m_firmwarepentium_g4400t_firmwarepentium_gold_g5600_firmwarecore_i5-8400tcore_i3-6100_firmwarexeon_e3-1578lcore_i5-8420core_i7-8670tceleron_j4105_firmwarecore_i7-6660ucore_i7-10750h_firmwarexeon_e3-1240lceleron_3965uceleron_g4920_firmwarepentium_silver_n5000core_i3-6120t_firmwarecore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_e3-1220_firmwarecore_i5-6500t_firmwarexeon_e3-1501l_firmwarecore_i9-9900kxeon_e-2176gpentium_gold_g5400_firmwarecore_i3-6320tcore_i7-8709gcore_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwareceleron_j4025_firmwarecore_i5-1035g7_firmwarepentium_silver_j5040_firmwarecore_i3-7120pentium_g4420t_firmwarecore_i5-6287ucore_i5-7640x_firmwarecore_i5-9400core_m3-8100y_firmwarecore_i3-8100tpentium_4415ucore_i5-6500tcore_i5-6260ucore_i3-7120tcore_i7-6700k_firmwarecore_i5-8650k_firmwarexeon_e-2278ge_firmwarecore_i5-7500t_firmwarecore_i7-8700tcore_i7-6820hk_firmwarecore_i7-6820hqcore_i5-7400xeon_e3-1501mcore_i7-8650ucore_i3-7102e_firmwarexeon_e3-1585_firmwarecore_m3-7y30_firmwarexeon_e3-1245_firmwarexeon_e-2286m_firmwarecore_i5-6600core_i7-6700tcore_i7-6920hqcore_i3-6167u_firmwarexeon_e3-1585core_i3-6100ucore_i7-6700_firmwarecore_i3-7320t_firmwarepentium_g4400tecore_i5-1035g1pentium_silver_n5030xeon_e3-1280_firmwarecore_i7-6510u_firmwarecore_i7-8565u_firmwarecore_i7-6822eq_firmwarexeon_e-2186g_firmwarecore_i8130u_firmwarecore_i5-1035g4_firmwarecore_i5-8500bxeon_e-2124gcore_i5-7600t_firmwarecore_i5-8269ucore_i5-7440hq_firmwarecore_i5-1030g4xeon_e-2288gcore_i5-6300hq_firmwarecore_i7-8709g_firmwarepentium_g4520tceleron_3965u_firmwareceleron_g3930e_firmwarecore_5405u_firmwarecore_i7-9850hcore_i5-9400fcore_i7-6700kcore_i3-8000core_i3-6320celeron_n4100_firmwarecore_i3-7320tcore_i5-7440eqcore_i7-6820eq_firmwarepentium_4410y_firmwarepentium_silver_j5005_firmwareceleron_g3900tcore_i3-8000tceleron_g3920core_i5-6400tcore_i3-7100ucore_i3-7101tecore_i5-7600kcore_m5-6y57core_i5-8250ucore_i3-1000g4_firmwarecore_5405uxeon_e-2126gcore_i7-6920hq_firmwarecore_i7-7820eqxeon_e3-1275core_i5-7360ucore_i5-6500core_i3-7340core_i7-8650u_firmwarexeon_e3-1235l_firmwarecore_i5-6200ucore_i7-8670t_firmwarecore_m3-8100ycore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_i7-6700hq_firmwarecore_i5-8650_firmwarecore_i5-8250u_firmwareceleron_n4120_firmwarecore_i7-7567u_firmwareceleron_g3902e_firmwarecore_i5-8400_firmwarecore_i7-8670_firmwarexeon_e-2176mcore_i7-6970hq_firmwarecore_i7-7700hq_firmwarecore_i7-6820hkpentium_g4400core_i5-7440eq_firmwarecore_i3-1000g1_firmwarecore_i7-9750hf_firmwarecore_i5-8400t_firmwarecore_i5-6400t_firmwarecore_i3-6102ecore_i5-8365u_firmwarecore_i7-6700te_firmwarecore_i5-6600tpentium_g4420_firmwarecore_i3-8020core_i7-6510upentium_silver_n5030_firmwarecore_i5-6360u_firmwarecore_i3-8100h_firmwarexeon_e-2278gcore_i7-8850hcore_i5-7210ucore_i3-7130uceleron_j4005_firmwarecore_i5-8265u_firmwarecore_i3-10100fcore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7-6820eqcore_i7-1065g7_firmwareceleron_g3930te_firmwarexeon_e3-1558l_firmwarecore_i5-8650core_i5-6500tecore_m3-7y30core_4205u_firmwarecore_i5-8500_firmwarecore_i5-6210u_firmwareceleron_n4020_firmwarecore_i5-6300u_firmwarecore_i7-8809g_firmwarexeon_e3-1575mxeon_e3-1230core_i7-7700t_firmwarecore_i9-9980hk_firmwareceleron_g4900core_i5-9400h_firmwarecore_i5-1030g7_firmwarepentium_4405ycore_i5-8420t_firmwarecore_i5-8200ypentium_gold_g5400celeron_g3900t_firmwarecore_i3-6100core_i5-8310ycore_i5-7640xceleron_n4020celeron_g4900_firmwarexeon_e-2278gel_firmwarecore_i5-7440hqxeon_e-2144gcore_i5-6360ucore_m5-6y54_firmwarexeon_e3-1505l_firmwarecore_i3-6300t_firmwarecore_m5-6y57_firmwarecore_i5-8650kceleron_g3900ecore_i7-7700_firmwarecore_i7-6770hq_firmwarecore_i5-6267uceleron_3965ypentium_g4400te_firmwareceleron_g3900tecore_i3-1005g1celeron_j4005core_i3-7020u_firmwarecore_i3-7101e_firmwareceleron_3855ucore_i5-6440eqcore_i3-7367u_firmwarecore_i5-6440eq_firmwarecore_i5-8600tcore_i7-1065g7core_i5-8305gcore_i9-9980hkcore_i7-8559uxeon_e-2146gcore_i3-6100texeon_e3-1270xeon_e3-1585l_firmwarexeon_e3-1585lIntel(R) Processors
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-8696
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.19%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:02
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.Debian GNU/LinuxFedora Project
Product-xeon_platinum_8153xeon_platinum_8276lxeon_w-2223core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_platinum_9222xeon_w-3245mxeon_gold_6230txeon_e3-1235lcore_i3-8300tcore_i7-7660ucore_i7-6600uxeon_gold_6146pentium_4415ycore_i7-8706gcore_i3-6300xeon_gold_6126txeon_w-3225xeon_e-2236celeron_5305upentium_gold_g5420core_i7-9700kfxeon_gold_5115xeon_silver_4208rcore_i7-7640xxeon_gold_6136xeon_platinum_8170xeon_w-2125core_i9-10940xcore_i5-8400hceleron_g3940core_i5-6310ucore_i7-8700xeon_e3-1501lcore_i3-6300tcore_i3-6120core_i5-8400core_i5-7y54xeon_gold_6138core_i7-7700txeon_gold_6246core_i5-10210uxeon_w-2295xeon_platinum_8164core_i7-6770hqcore_i7-8700kxeon_e-2226gcore_i9-9900kfpentium_g4400txeon_gold_6234solidfirepentium_gold_g5400txeon_e3-1268lcore_i7-8670xeon_w-2255core_i3-8145ucore_i5-10400hxeon_gold_5215mcore_i5-7442eqcore_i7-6822eqxeon_e-2134xeon_gold_5215core_i7-6700tecore_i3-7020uxeon_d-2143itxeon_gold_6262vcore_i3-8109upentium_g4500txeon_d-2163itxeon_platinum_8168core_i9-7920xxeon_e3-1515mcore_i7-7600uxeon_e-2224xeon_gold_5218core_i5-10110ycore_i3-7100exeon_silver_4109tcore_i7-10510yxeon_e-2278gexeon_gold_5215lcore_i3-10110uxeon_gold_6138fcore_m5-6y54xeon_gold_5122xeon_w-2245core_i5-6442eqcore_i5-6600kcore_i5-8420tcore_i9-7960xceleron_g3900core_i5-9600kcore_i7-7820xcore_i7-7700hqcore_i5-8400bxeon_platinum_8280mcore_i9-7980xexeon_silver_4114xeon_e3-1285pentium_g4420core_i7-7820hkcore_i3-8100hcore_i7-6870hqcore_i9-9940xceleron_g5305ucore_i5-8550pentium_g4500xeon_bronze_3104xeon_e-2184gxeon_gold_6240xeon_gold_6240lcore_i7-6970hqxeon_gold_6238lcore_i5-8350ucore_i3-6120tcore_i5-7500uxeon_platinum_8156core_i5-7300ucore_i5-8600xeon_e3-1225xeon_d-2173itceleron_g3930texeon_e-2136xeon_d-2123itcore_i7-10510ucore_i7-9700kxeon_e-2246gcore_i5-8500txeon_w-3265mcore_8269ucore_i5-7500celeron_3865ucore_i3-8100xeon_w-2265core_i5-6400xeon_e3-1545mcore_m7-6y75core_i5-7200uxeon_gold_6126fceleron_g4900tcore_m3-6y30pentium_g4540celeron_g3930efedoraxeon_gold_5218txeon_platinum_p-8124core_4205ucore_i9-8950hkxeon_gold_6150pentium_g4520core_i7-7700xeon_gold_5220rxeon_gold_6140pentium_4405ucore_i7-7920hqcore_i3-7102exeon_d-2146ntcore_i5-8600kxeon_platinum_8160fxeon_e-2254mlxeon_platinum_p-8136core_i5-8400txeon_e3-1220core_i7-8750hxeon_e3-1578lcore_i5-8365ucore_i9-10920xxeon_silver_4214ccore_i5-8420xeon_d-2187ntcore_i5-9600kfcore_i7-8670tcore_i7-6660ucore_i3-10100tepentium_4410ycore_i5-7600xeon_gold_6126xeon_e3-1240lcore_i9-7940xxeon_platinum_8160mceleron_3965ucore_i9-9960xxeon_d-2166ntxeon_e-2286mxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_w-2195core_i3-7100hxeon_e-2276gcore_i3-8300xeon_e-2186gcore_i5-7400txeon_e-2276mlxeon_d-2183itxeon_e3-1535mxeon_silver_4116txeon_e-2244gxeon_e-2174gcore_i9-9900kxeon_e-2176gcore_i7-8809gclustered_data_ontapxeon_gold_6142fcore_i3-6320tcore_i5-7260ucore_i7-8700bcore_i7-8709gxeon_d-2145ntcore_i3-7120core_i5-6287uxeon_gold_6238xeon_gold_6130core_i5-7267umicrocodexeon_platinum_8260mcore_i7-7800xcore_i5-9400core_i9-9920xcore_i3-8100tpentium_4415uxeon_silver_4208core_i5-6500tcore_i5-6260uxeon_platinum_8260core_i3-7120tcore_i5-10210ycore_i7-8557ucore_i7-6560uxeon_w-2123pentium_g4420txeon_e3-1505lxeon_gold_5220sxeon_w-3275mcore_i7-8700txeon_platinum_9242core_i5-8300hxeon_gold_5215rxeon_platinum_9282core_i7-6820hqcore_i5-7400xeon_platinum_8280lxeon_silver_4110xeon_e3-1501mcore_i7-8650uxeon_bronze_3204xeon_gold_5119tcore_i5-6600xeon_silver_4108xeon_gold_6130tcore_i7-6700txeon_silver_4210core_i7-6920hqxeon_e3-1585pentium_gold_g5500tcore_i3-6100uxeon_e3-1565lxeon_gold_5217pentium_g4400texeon_gold_6230nxeon_platinum_8276mcore_i9-9800xxeon_w-3265xeon_gold_5218nxeon_e3-1260lxeon_bronze_3106xeon_gold_6138txeon_w-3245core_i7-9750hfxeon_gold_6238mceleron_g4920xeon_gold_5120core_i3-6167uxeon_e-2274gpentium_gold_g6405ucore_i5-8500bxeon_e-2124gxeon_e-2278gelxeon_e-2288gxeon_gold_5220xeon_platinum_8160txeon_e-2234core_i7-7740xxeon_silver_4214rcore_i7-6500ucore_i3-7110upentium_g4520txeon_gold_6254xeon_silver_4114tcore_i3-6320core_i3-8120celeron_g3902ecore_i5-9400fcore_i7-6700kxeon_e-2124core_i9-9880hcore_i3-8000core_i7-9850hcore_i5-7287uxeon_d-2141ixeon_gold_6154xeon_e3-1558ldebian_linuxcore_i3-7320tcore_i5-7440eqxeon_w-2175core_i7-8560uceleron_g3900thci_storage_node_biosxeon_platinum_8268core_i3-8000tceleron_g3920core_i5-6400tcore_i5-6300ucore_i3-7100uxeon_platinum_8176mxeon_e-2276mecore_i7-8565ucore_i3-7101texeon_gold_5222xeon_w-3275core_i5-7600kcore_m5-6y57core_i5-8250ucore_5405uxeon_e3-1245xeon_e-2126gcore_i5-7300hqcore_i7-7560uxeon_silver_4209txeon_silver_4116xeon_gold_6240mpentium_gold_g5420tcore_i7-7820eqcore_i3-6100hxeon_e3-1275xeon_gold_6252ncore_i5-8259uxeon_platinum_9221core_i5-7360uxeon_gold_6244core_i5-6500xeon_platinum_8160core_i3-7340xeon_gold_6248pentium_gold_g5500celeron_g5205uhcl_compute_nodexeon_silver_4216rcore_i5-6200uxeon_platinum_8280core_m3-8100ycore_i7-6700hqxeon_w-2235xeon_e-2186mxeon_gold_6148fcore_i5-6350hqxeon_e-2176mxeon_gold_6132xeon_gold_6240ycore_i7-6820hkcore_i5-7600txeon_platinum_8256xeon_gold_6152core_i9-9820xpentium_g4400xeon_platinum_8158xeon_w-2155core_i9-9900xcore_i7-7500ucore_i7-8550ucore_i5-10310yxeon_e-2224gxeon_w-2135xeon_e-2286gxeon_gold_6222vxeon_e-2284gcore_i3-6102exeon_platinum_8176xeon_e3-1505mxeon_gold_6242xeon_w-2145core_i5-6600tcore_i3-8020xeon_e-2226gecore_i7-6650ucore_i7-6510uxeon_gold_6142xeon_e-2278gxeon_platinum_8260yxeon_platinum_8270core_i5-9300hcore_i5-6210uxeon_e3-1240xeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_platinum_8180mcore_i7-8850hcore_i5-7210ucore_i3-7130ucore_i7-10610uxeon_gold_5118xeon_gold_6130fcore_i3-7167ucore_i3-6100tcore_i5-9400hcore_i7-8500ycore_i7-7567ucore_i7-6820eqxeon_gold_6134mcore_i9-10900xxeon_silver_4214core_i5-8650xeon_platinum_8276xeon_gold_6238txeon_d-2161ixeon_silver_4210rcore_i5-6500texeon_silver_4214ycore_i7-7820hqceleron_g3920tcore_i5-8210yxeon_gold_5218bcore_m3-7y30xeon_gold_6142mcore_i3-6100exeon_e3-1280celeron_3955uxeon_platinum_8176fxeon_e3-1575mcore_i7-8750hfxeon_e3-1230solidfire_bioshci_storage_nodeceleron_g4900pentium_4405ycore_i5-8200ycore_i7-6567upentium_gold_g5400hcl_compute_node_bioscore_i3-7101ecore_i3-6100core_i5-8310yxeon_w-2275core_i9-7900xcore_i5-7640xcore_i5-8500xeon_silver_4112xeon_w-3223core_i5-7440hqxeon_gold_6226core_i5-6360uxeon_e-2144gcore_i7-7510uxeon_gold_5120tcore_i7-8510ycore_i7-8569ucore_i5-8650kxeon_gold_6252xeon_gold_6134core_i5-8265uxeon_platinum_9220xeon_e-2254mecore_i3-6110ucore_i3-7007ucore_i5-6300hqxeon_w-3235core_i5-6267uceleron_3965ycore_i5-6440hqcore_i7-7y75celeron_g3900texeon_bronze_3206rxeon_w-2225xeon_w-2133core_i7-6700celeron_3855ucore_i5-7y57core_i3-8350kxeon_gold_6148core_i5-6440eqcore_i5-8600tcore_i5-7500txeon_gold_6144core_i5-8305gxeon_platinum_8260lcore_i9-9980hkcore_i7-8559uxeon_gold_6140mxeon_platinum_8170mxeon_e-2146gcore_i3-6100texeon_d-2177ntcore_i3-8130uxeon_platinum_8180xeon_e3-1270pentium_gold_g5600xeon_gold_5220txeon_e3-1585lIntel(R) Processors
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2020-8632
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.37% / 28.75%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 13:40
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-cloud-initdebian_linuxleapn/a
CWE ID-CWE-521
Weak Password Requirements
CVE-2020-8631
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.19%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 13:39
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-cloud-initdebian_linuxleapn/a
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2020-5202
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 36.97%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 17:54
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.

Action-Not Available
Vendor-apt-cacher-ng_projectn/aDebian GNU/LinuxopenSUSE
Product-apt-cacher-ngdebian_linuxbackportsleapn/a
CVE-2020-3812
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 34.19%
||
7 Day CHG~0.00%
Published-26 May, 2020 | 13:04
Updated-16 Sep, 2024 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first.

Action-Not Available
Vendor-netqmailCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxnetqmaildebian_linuxnetqmail
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-0427
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.49% / 38.66%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 00:00
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

Action-Not Available
Vendor-starwindsoftwaren/aopenSUSEGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxstarwind_virtual_sanleapAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-28394
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.71% / 49.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12283)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-28390
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.34%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Core (V8.2), Opcenter Execution Core (V8.3). The application contains an information leakage vulnerability in the handling of web client sessions. A local attacker who has access to the Web Client Session Storage could disclose the passwords of currently logged-in users.

Action-Not Available
Vendor-Siemens AG
Product-opcenter_execution_coreOpcenter Execution Core
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-27008
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.71% / 49.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PLT files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12209)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-26998
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.65% / 46.48%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information. (ZDI-CAN-12040)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-25231
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 6.68%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_soft_comfortlogo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)LOGO! Soft Comfort
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-25233
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 8.61%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2020-10053
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 4.58%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-1753
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.51% / 39.49%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 14:37
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Fedora Project
Product-ansible_engineansible_towerdebian_linuxfedoraAnsible
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CWE ID-CWE-214
Invocation of Process Using Visible Sensitive Information
CVE-2020-16150
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.37% / 28.80%
||
7 Day CHG+0.01%
Published-02 Sep, 2020 | 00:00
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectArm Limited
Product-mbed_tlsdebian_linuxfedoran/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-17490
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 32.71%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 07:29
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.

Action-Not Available
Vendor-saltstackn/aDebian GNU/Linux
Product-debian_linuxsaltn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-14330
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.57% / 42.90%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 00:00
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.
Product-ansible_enginedebian_linuxAnsible
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-14347
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.79%
||
7 Day CHG~0.00%
Published-05 Aug, 2020 | 13:08
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.

Action-Not Available
Vendor-Canonical Ltd.Debian GNU/LinuxX.Org Foundation
Product-debian_linuxubuntu_linuxx_serverxorg-x11-server
CWE ID-CWE-665
Improper Initialization
CVE-2020-14332
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 32.61%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 17:59
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.
Product-ansible_enginedebian_linuxAnsible
CWE ID-CWE-117
Improper Output Neutralization for Logs
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-1472
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-99.51% / 99.94%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 19:13
Updated-23 Feb, 2026 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.
Netlogon Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.

Action-Not Available
Vendor-SambaOracle CorporationSynology, Inc.openSUSEMicrosoft CorporationCanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-windows_server_2016windows_server_2004directory_serverzfs_storage_appliance_kitleapwindows_server_1903windows_server_2012windows_server_2008debian_linuxwindows_server_20h2ubuntu_linuxwindows_server_1909sambafedorawindows_server_2019Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation)Windows Server 2016Windows Server version 20H2Windows Server version 2004Netlogon
CVE-2020-13397
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.54% / 41.35%
||
7 Day CHG~0.00%
Published-22 May, 2020 | 00:00
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-10729
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.43% / 34.93%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 18:46
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxansible_engineenterprise_linuxAnsible
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2020-10052
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 13.06%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2020-0549
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.59% / 43.77%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 00:03
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-Intel CorporationDebian GNU/LinuxCanonical Ltd.openSUSEFedora Project
Product-xeon_e3-1501m_firmwarexeon_6126xeon_8276_firmwarepentium_g4500_firmwarexeon_5222xeon_w-3245mceleron_3955u_firmwarexeon_6154_firmwarexeon_5215l_firmwarepentium_4415ycore_i3-6300xeon_8180_firmwarecore_i3-6100e_firmwarecore_i3-8350k_firmwarexeon_5218txeon_e-2124g_firmwarecore_i7-9700kfcore_i7-7640xcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_5220_firmwarecore_i9-10940xcore_i5-8400hxeon_e-2254me_firmwarecore_i7_8500yceleron_g3940xeon_w-2125xeon_5118_firmwarexeon_6262vcore_i5-7y54xeon_8160txeon_e3-1535m_firmwarexeon_8170_firmwarecore_i3-7007u_firmwarecore_i7-6650u_firmwarecore_i9-9900kfxeon_5215_firmwarepentium_g4400tceleron_g3920t_firmwarexeon_6128_firmwarecore_i7-8670xeon_w-2255core_i3-8145uxeon_6246core_i7_10510ycore_i7-6822eqxeon_8160m_firmwarecore_i9-9940x_firmwarecore_i5-7210u_firmwarecore_i3-7020ucore_i7-6700texeon_e3-1285_firmwarecore_i7-6567u_firmwarexeon_5218_firmwarecore_i9-7920xcore_i7-7600uxeon_6142mcore_i5-9400f_firmwarexeon_e-2224xeon_e-2184g_firmwarecore_i5-7y57_firmwarecore_i3-6100t_firmwarexeon_9222core_i3-7100e_firmwarecore_i3-7100ecore_i9-7940x_firmwarexeon_e3-1275_firmwarecore_i5-6442eq_firmwarecore_i5-6287u_firmwarexeon_e-2134_firmwarexeon_3104xeon_6142fcore_m5-6y54xeon_w-2245core_i5-6600kxeon_6252n_firmwarepentium_g5400_firmwarecore_i3-7120t_firmwareceleron_g3940_firmwarexeon_8260lxeon_6242_firmwarecore_i7-7600u_firmwarepentium_g4520_firmwarecore_i5-8400bxeon_4214xeon_e3-1285pentium_g4420xeon_6152core_i7-7820hkcore_i5-6500te_firmwarexeon_8260_firmwarexeon_4116t_firmwarecore_i9-9940xcore_i5-8550xeon_6134mcore_i5-8400h_firmwarexeon_e-2184gcore_i7-6970hqxeon_6140_firmwarecore_i9-9820x_firmwarecore_i5-7500ucore_i3-6120tcore_i5-8600xeon_6240ypentium_g5420_firmwarexeon_4214yceleron_g3930teceleron_3865u_firmwarecore_i7-9700kxeon_3206r_firmwarecore_i5-9400_firmwarexeon_e3-1225celeron_3865ucore_i7-7740x_firmwarexeon_w-2265core_i3-8100xeon_8156pentium_g4520t_firmwarecore_m7-6y75xeon_w-2245_firmwarexeon_e3-1270_firmwarecore_i5-6600t_firmwareceleron_g4900tcore_m3-6y30fedoraceleron_3855u_firmwarecore_i5-7287u_firmwarecore_i7-7700celeron_g3900te_firmwarexeon_8153_firmwarepentium_g5600_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kxeon_4114t_firmwarexeon_e-2124_firmwarecore_i7-8700k_firmwarexeon_5218n_firmwarexeon_w-2223_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hceleron_g3900_firmwarecore_i5-8365ucore_i9-9960x_firmwarecore_i5-9600kfcore_i5-8500b_firmwarexeon_4109t_firmwarepentium_4410ycore_i3-7100u_firmwarexeon_8164core_i5-7600core_i3-6100h_firmwarecore_i9-7940xxeon_5118pentium_g5400txeon_w-3265_firmwarecore_i9-9960xxeon_6230n_firmwarecore_i3-7120_firmwarexeon_w-2195core_i7-7820eq_firmwarexeon_5218ncore_i5-8550_firmwarexeon_w-3235_firmwarecore_i3-8300core_i5-7400tcore_i5-7267u_firmwarexeon_e3-1535mpentium_4415y_firmwarexeon_e3-1505m_firmwarexeon_6226_firmwarexeon_e-2174gxeon_5215mcore_i7-8809gxeon_8160fxeon_4214_firmwarecore_i7-8700bcore_i5-8420_firmwarecore_i5-7260uxeon_w-2145_firmwarecore_i3-8000t_firmwarecore_i7_8560u_firmwarecore_i7-7500u_firmwarepentium_g5420tcore_i5-7267uxeon_6130f_firmwarecore_i7-7800xxeon_6146_firmwarexeon_6154xeon_6238_firmwarecore_i3-8020_firmwarexeon_4116xeon_5220r_firmwarecore_i7-7820hk_firmwarecore_i9-9900kf_firmwarecore_i7-6560uxeon_w-2123xeon_w-3275mxeon_e3-1505lpentium_g4420txeon_4112_firmwarecore_i5-8300hcore_i5-8600t_firmwarexeon_6252xeon_8180mxeon_6130txeon_6136xeon_4116_firmwarecore_i5-6600_firmwarexeon_6242xeon_8270_firmwarexeon_5120txeon_8160pentium_g4400_firmwarexeon_8158_firmwarecore_i3-7110u_firmwarexeon_6230t_firmwarecore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i5-9600kf_firmwarecore_i7-7510u_firmwarexeon_e-2224_firmwarecore_i7-9750hfceleron_g4920core_i5-9300h_firmwarexeon_6244xeon_e-2274gcore_i3-6167uxeon_6230nxeon_6252ncore_i5-8400b_firmwarecore_i9-9800x_firmwarexeon_6130_firmwarexeon_9221_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarecore_i7-7740xxeon_e3-1240_firmwarecore_i7-6500ucore_i3-7110ucore_i7-6500u_firmwarecore_i3-8120xeon_8276l_firmwareceleron_g3902exeon_e-2124core_i9-9880hxeon_6144_firmwarecore_i5-7287ucore_i5-8500t_firmwaredebian_linuxcore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_6238t_firmwarexeon_4214cxeon_6238core_i5-6300uxeon_5215r_firmwarecore_i7-8565uxeon_4210_firmwarexeon_5218b_firmwarexeon_6134m_firmwarexeon_6238l_firmwarexeon_4108_firmwarecore_i5-7300hq_firmwarexeon_9282_firmwarexeon_e-2274g_firmwarexeon_e3-1245core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560uxeon_w-2133_firmwarecore_i5-6600k_firmwarecore_i3-6110u_firmwarexeon_5222_firmwarecore_i5-7400t_firmwarecore_i3-6100hcore_i3-8100t_firmwarecore_i5-6200u_firmwarexeon_6138f_firmwarexeon_8276xeon_6226xeon_w-3265m_firmwarexeon_6148_firmwarexeon_8164_firmwarecore_i7-8850h_firmwarecore_m7-6y75_firmwarecore_i7-6700hqpentium_g4500t_firmwarexeon_5218t_firmwarecore_i7-9700kf_firmwarecore_i9-7900x_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarecore_i7-9850h_firmwarexeon_6150core_i5-6350hqxeon_5120xeon_8280l_firmwarecore_i7-6660u_firmwarecore_i5-7600txeon_8276mcore_i5405u_firmwarecore_i9-9820xcore_i3-6100te_firmwarexeon_6126f_firmwarexeon_9222_firmwarexeon_w-2155core_i5-6350hq_firmwarexeon_8260l_firmwarecore_i7-7500ucore_i7-8550uxeon_9242_firmwareubuntu_linuxxeon_e-2224gxeon_w-2135core_i3-6120_firmwarexeon_e3-1505mcore_i5-6310u_firmwarexeon_w-2145xeon_8276lcore_i5-6400_firmwarecore_i7-6650ucore_i7_8650ucore_i9-9900x_firmwarecore_i5_10110y_firmwarecore_i5-9300hcore_i5-6210uxeon_e3-1240xeon_4210rpentium_g5420core_i3-7167u_firmwarecore_i9-10920x_firmwarepentium_g5500_firmwarecore_i7-8665u_firmwarecore_i3-7167ucore_i3-6100tcore_i5-9400hleapcore_i7-7567uxeon_w-2295_firmwarecore_i3-8145u_firmwarepentium_4405u_firmwarexeon_6126fcore_i7_10510y_firmwarecore_i3-7340_firmwarexeon_8268_firmwarecore_i7-7660u_firmwarexeon_4216rpentium_g5500tcore_i7-7820hqcore_i5-6260u_firmwareceleron_g3920txeon_8156_firmwarexeon_6126txeon_4215core_i7-8750h_firmwarexeon_3106core_i3-6100ecore_i3-8300t_firmwarecore_i5-7400_firmwarexeon_e3-1280xeon_5220s_firmwareceleron_3955ucore_i7-9700k_firmwarexeon_6240_firmwarexeon_4214y_firmwarexeon_5115core_i5-7y54_firmwarexeon_5215pentium_4405y_firmwarecore_i7-6567uxeon_6130fxeon_e-2174g_firmwarecore_i3-7101exeon_8180xeon_6138fxeon_6238lcore_i9-7900xcore_i9-8950hk_firmwarecore_i5-8500xeon_4209tcore_i7-6870hq_firmwarexeon_w-3223core_i3-8000_firmwarecore_i5-7600_firmwarexeon_w-3275m_firmwarecore_i7-7510uxeon_w-2235_firmwarecore_i5-6267u_firmwarexeon_6140mcore_i5-8265uxeon_5115_firmwarexeon_e-2254mexeon_6240xeon_w-3235core_i3-7007ucore_i5-6300hqcore_i3-6110uxeon_6142f_firmwarexeon_6148f_firmwarecore_i5-6440hqcore_i7-7y75xeon_8176mxeon_w-2225xeon_6252_firmwarecore_i7-7560u_firmwarexeon_w-2133core_i7-6700core_i5-7y57celeron_g3920_firmwarexeon_4108core_i3-8350kcore_i7_8560ucore_i5-7500tcore_i5-9600k_firmwarexeon_e-2224g_firmwarecore_i7_8500y_firmwarecore_i3-6102e_firmwarexeon_6240m_firmwarexeon_e3-1230_firmwarexeon_w-2223xeon_4214c_firmwarecore_i9-7920x_firmwarecore_i7-8705gcore_i7-7700kpentium_g4540_firmwarecore_i7-8665ucore_i4205ucore_i3-8300txeon_6240y_firmwarecore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i3-8120_firmwarecore_i7-8706gxeon_w-3225xeon_4215_firmwarecore_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_5220t_firmwarecore_i9-7960x_firmwarepentium_g5500t_firmwarecore_i7-8700core_i5-7500u_firmwarexeon_e3-1501lcore_i3-6300txeon_6238mcore_i5-6310ucore_i3-7130u_firmwarexeon_w-2155_firmwarecore_i5-8400core_i3-6120xeon_4110_firmwarecore_i7-8705g_firmwarecore_i7-7700txeon_w-3225_firmwarexeon_9282xeon_w-2295core_i5-7260u_firmwarecore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqxeon_w-3245m_firmwarecore_i7-8700kxeon_9220_firmwarexeon_6262v_firmwarexeon_5220core_i7_8550ucore_i5-8600k_firmwarecore_i5-7200u_firmwarecore_i5-7442eqxeon_e-2134xeon_e-2284g_firmwarexeon_5120t_firmwarepentium_g4500txeon_4116tcore_i7_8550u_firmwarecore_i5-7442eq_firmwarecore_i7_8559uxeon_8170m_firmwarecore_i7-8569u_firmwarexeon_e-2144g_firmwarexeon_5122xeon_9242xeon_4208xeon_6246_firmwarexeon_5218bcore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_6144xeon_6230txeon_8280_firmwarecore_i5-6442eqxeon_6254core_i5-8420tcore_i9-7960xcore_i5-9600kcore_i7-7820xceleron_g3900core_i3-6300_firmwarecore_i5_10110ycore_i7-7640x_firmwarecore_i7-7700hqpentium_g5600xeon_6142_firmwarecore_i9-7980xexeon_3206rceleron_g4900t_firmwarecore_i3-8100hxeon_e3-1225_firmwarecore_i7-6870hqxeon_5220sxeon_4114pentium_g4500xeon_6146xeon_8253_firmwarexeon_6222v_firmwarecore_i5-8350uxeon_6134xeon_3104_firmwarecore_i3-6320t_firmwarexeon_5119txeon_w-3223_firmwarecore_i5-7300ucore_i5-6440hq_firmwarecore_m3-6y30_firmwarexeon_5217_firmwarepentium_4415u_firmwarexeon_w-3265mcore_i5-8500tceleron_3965y_firmwarecore_i5-7500xeon_8268xeon_w-2255_firmwarexeon_6234xeon_6240lcore_i5-6400xeon_5215rcore_i5-7200upentium_g4540core_i5-8350u_firmwarecore_i7-8700b_firmwareceleron_g3930exeon_8168_firmwarecore_i9-8950hkpentium_g4520xeon_8256_firmwarexeon_4210xeon_6142pentium_4405ucore_i7-6820hq_firmwarecore_i3-6320_firmwarecore_i7-7920hqpentium_g4400t_firmwarexeon_8260yxeon_6126t_firmwarexeon_e-2254mlxeon_5220tcore_i5-8400txeon_w-2123_firmwarexeon_8160f_firmwarexeon_8256core_i3-6100_firmwarexeon_8280xeon_4209t_firmwarecore_i9-10920xxeon_8160t_firmwarexeon_6244_firmwarecore_i5-8420core_i7-8670txeon_e-2254ml_firmwarexeon_6148core_i7-6660uceleron_3965uceleron_g4920_firmwarecore_i3-6120t_firmwarexeon_9220core_i5_10310yxeon_8160mcore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_e3-1220_firmwarexeon_4109txeon_6128core_i5-6500t_firmwarexeon_e3-1501l_firmwarexeon_e-2244gcore_i9-9900kxeon_4110core_i3-6320tcore_i7-8709gcore_i3-7120xeon_5220rcore_i7-8550u_firmwarecore_i7-7y75_firmwarecore_i5-6287upentium_g4420t_firmwarexeon_8180m_firmwarexeon_6130t_firmwarexeon_5215lcore_i5-7640x_firmwarecore_i5-9400core_i9-9920xcore_i3-8100txeon_6150_firmwarepentium_4415ucore_i5-6500tcore_i5-6260ucore_i3-7120tcore_i7-6700k_firmwarecore_i5-8650k_firmwarecore_i5-7500t_firmwarecore_i7-8700tcore_i7-6820hk_firmwarexeon_6230_firmwarecore_i7-6820hqxeon_6140core_i5-7400xeon_e3-1501mcore_i7-8650uxeon_8160_firmwarecore_i5_10210y_firmwarecore_i3-7102e_firmwarecore_m3-7y30_firmwarexeon_e3-1245_firmwarexeon_8153xeon_6132_firmwarecore_i5-6600core_i7-6700tcore_i7-6920hqxeon_8170mxeon_6132xeon_8276m_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_4208rxeon_8176fcore_i7-6700_firmwarexeon_e-2234_firmwarecore_i3-7320t_firmwarepentium_g4400texeon_e3-1280_firmwarecore_i9-9800xxeon_w-3265core_i7-6510u_firmwarexeon_6136_firmwarecore_i7-6822eq_firmwarecore_i7-8565u_firmwarexeon_w-3245xeon_4216_firmwarexeon_8158xeon_8176f_firmwarexeon_6148fxeon_8168core_i5-8500bxeon_e-2124gcore_i5-7600t_firmwarexeon_8176_firmwarecore_i9-7980xe_firmwarecore_i5-7440hq_firmwarecore_i7_8650u_firmwarecore_i5-6300hq_firmwarexeon_e-2234core_i7-8709g_firmwarexeon_6238m_firmwarepentium_g4520tceleron_g3930e_firmwareceleron_3965u_firmwarexeon_6138tcore_i7-9850hcore_i5_10310y_firmwarecore_i5-9400fcore_i3-8000core_i7-6700kcore_i3-6320core_i3-7320tcore_i5-7440eqcore_i7-6820eq_firmwarepentium_4410y_firmwarecore_i7-7820x_firmwareceleron_g3900txeon_8280lxeon_w-2195_firmwarexeon_6230xeon_4208r_firmwarecore_i3-8130u_firmwarecore_i3-8000tceleron_g3920core_i5-6400txeon_6140m_firmwarexeon_4216core_i3-7100uxeon_5122_firmwarexeon_3204core_i3-7101texeon_5119t_firmwarexeon_6234_firmwarexeon_w-3275xeon_w-2265_firmwarexeon_8270core_i5-7600kxeon_4112core_m5-6y57core_i5-8250ucore_i7-6920hq_firmwarecore_i7-7820eqxeon_e3-1275xeon_4114txeon_6248_firmwarecore_i5405ucore_i5-7360ucore_i7_8565ucore_i5-6500core_i3-7340core_i7-8650u_firmwarecore_i7_8559u_firmwarexeon_w-3245_firmwarexeon_8260mcore_i5-6200ucore_i7-8670t_firmwarecore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_4208_firmwarecore_i5-8650_firmwarexeon_w-2135_firmwarecore_i5-8250u_firmwarexeon_6126_firmwareceleron_g3902e_firmwarecore_i7-7567u_firmwarexeon_8176m_firmwarecore_i5-8400_firmwarecore_i7-8670_firmwarecore_i7-6970hq_firmwarexeon_6138t_firmwarecore_i7-7700hq_firmwarecore_i7-6820hkxeon_6254_firmwarexeon_8260y_firmwarepentium_g4400core_i5-7440eq_firmwarecore_i9-9900xcore_i7-9750hf_firmwarecore_i5-8400t_firmwarexeon_4216r_firmwarexeon_w-2125_firmwarexeon_e-2284gcore_i5-6400t_firmwarecore_i3-6102ecore_i5-8365u_firmwarexeon_w-2175_firmwarecore_i7-6700te_firmwarecore_i5-6600txeon_8280m_firmwarecore_i3-8020pentium_g4420_firmwarexeon_6134_firmwarexeon_e-2244g_firmwarecore_i7-6510ucore_i5-6360u_firmwarecore_i3-8100h_firmwarexeon_5120_firmwarexeon_w-2235core_i7-8850hcore_i5-7210ucore_i3-7130ucore_i5-8265u_firmwarexeon_6130core_i9-10900x_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7_8565u_firmwarecore_i7-6820eqxeon_4214rcore_i9-10900xceleron_g3930te_firmwarexeon_5215m_firmwarecore_i5-8650core_i5-6500texeon_6152_firmwarecore_i5_10210ycore_m3-7y30core_i5-8500_firmwarecore_i5-6210u_firmwarexeon_6222vxeon_6240mcore_i5-6300u_firmwarexeon_4214r_firmwarecore_i7-8809g_firmwarexeon_6238txeon_e3-1230xeon_8170xeon_8260m_firmwarexeon_6240l_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_w-3275_firmwareceleron_g4900core_i5-9400h_firmwarepentium_4405yxeon_6142m_firmwarecore_i5-8420t_firmwarepentium_g5500xeon_8176celeron_g3900t_firmwarecore_i3-6100xeon_w-2275core_i5-7640xxeon_5218xeon_8280mceleron_g4900_firmwarecore_i5-7440hqcore_m5-6y54_firmwarexeon_e-2144gcore_i5-6360uxeon_e3-1505l_firmwarecore_i9-10940x_firmwarepentium_g5420t_firmwarecore_i3-6300t_firmwarecore_m5-6y57_firmwarecore_i7-8569uxeon_4210r_firmwarecore_i5-8650kcore_i7-7700_firmwarecore_i7-6770hq_firmwarexeon_8260core_i5-6267uceleron_3965ypentium_g5400t_firmwarexeon_9221pentium_g4400te_firmwarexeon_6138_firmwarexeon_6138xeon_6248celeron_g3900texeon_3204_firmwarecore_i4205u_firmwarecore_i3-7020u_firmwarecore_i3-7101e_firmwareceleron_3855ucore_i5-6440eqcore_i9-9920x_firmwarecore_i5-8600tcore_i5-8305gcore_i5-6440eq_firmwarecore_i9-9980hkxeon_8253core_i3-6100texeon_5217pentium_g5400core_i3-8130uxeon_e3-1270xeon_3106_firmwarexeon_w-2175xeon_4114_firmwareIntel(R) Processors
CWE ID-CWE-404
Improper Resource Shutdown or Release
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found