Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-21925

Summary
Assigner-AMD
Assigner Org ID-b58fc414-a1e4-4f92-9d70-1add41838648
Published At-11 Feb, 2025 | 20:39
Updated At-27 Jun, 2025 | 21:55
Rejected At-
Credits

Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:AMD
Assigner Org ID:b58fc414-a1e4-4f92-9d70-1add41838648
Published At:11 Feb, 2025 | 20:39
Updated At:27 Jun, 2025 | 21:55
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.

Affected Products
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ 7001 Processors
Default Status
unknown
Versions
Unaffected
  • Naples PI 1.0.0.N
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ 7002 Processors
Default Status
unknown
Versions
Unaffected
  • Rome PI 1.0.0.K
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ 9004 Processors
Default Status
unknown
Versions
Unaffected
  • Genoa PI 1.0.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ 7003 Processors
Default Status
unknown
Versions
Unaffected
  • Milan PI 1.0.0.E
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 3000 Series Desktop Processors
Default Status
unknown
Versions
Unaffected
  • ComboAM4PI 1.0.0.C
  • ComboAM4v2PI 1.2.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 5000 Series Desktop Processors
Default Status
unknown
Versions
Unaffected
  • ComboAM4v2PI 1.2.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • ComboAM4v2PI 1.2.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 7000 Series Desktop Processors
Default Status
unknown
Versions
Unaffected
  • ComboAM5PI 1.2.0.2b
  • ComboAM5PI 1.1.0.3b
  • ComboAM5PI 1.0.0.a
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • ComboAM4PI 1.0.0.C
  • ComboAM4v2PI 1.2.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • ComboAM4v2PI 1.2.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • ComboAM5PI 1.2.0.2b
  • ComboAM5PI 1.1.0.3b
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Threadripper™ 3000 Series Processors
Default Status
unknown
Versions
Unaffected
  • CastlePeakPI-SP3r3 1.0.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors
Default Status
unknown
Versions
Unaffected
  • CastlePeakWSPI-sWRX8 1.0.0.F
  • ChagallWSPI-sWRX8 1.0.0.9
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors
Default Status
unknown
Versions
Unaffected
  • ChagallWSPI-sWRX8 1.0.0.9
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors
Default Status
unknown
Versions
Unaffected
  • StormPeakPI-SP6 1.1.0.0h
  • StormPeakPI-SP6 1.0.0.1j
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • PicassoPI-FP5 1.0.1.2a
  • PollockPI-FT5 1.0.0.8a
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • PicassoPI-FP5 1.0.1.2a
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • RenoirPI-FP6 1.0.0.Ea
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • CezannePI-FP6 1.0.1.1a
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • MendocinoPI-FT6 1.0.0.7a
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • RembrandtPI-FP7 1.0.0.Ba
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • RembrandtPI-FP7 1.0.0.Ba
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • PhoenixPI-FP8-FP7 1.1.8.0
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics
Default Status
unknown
Versions
Unaffected
  • PhoenixPI-FP8-FP7 1.1.8.0
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ 7000 Series Mobile Processors
Default Status
unknown
Versions
Unaffected
  • DragonRangeFL1PI 1.0.0.3f
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ Embedded 3000
Default Status
unknown
Versions
Unaffected
  • SnowyOwlPI 1.1.0.E
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ Embedded 7002
Default Status
unknown
Versions
Unaffected
  • EmbRomePI-SP3 1.0.0.D
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ Embedded 7003
Default Status
unknown
Versions
Unaffected
  • EmbMilanPI-SP3 1.0.0.A
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD EPYC™ Embedded 9004
Default Status
unknown
Versions
Unaffected
  • EmbGenoaPI 1.0.0.9
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded 5000
Default Status
unknown
Versions
Unaffected
  • EmbAM4PI 1.0.0.7
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded 7000
Default Status
unknown
Versions
Unaffected
  • EmbeddedV2KAPI-FP6 1.0.0.7
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded V2000
Default Status
unknown
Versions
Unaffected
  • EmbeddedPI-FP6 1.0.0.B
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded V3000
Default Status
unknown
Versions
Unaffected
  • EmbeddedPI_FP7R2 1.0.0.C
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded 8000
Default Status
unknown
Versions
Unaffected
  • EmbeddedPhoenixPI-FP7r2_1.2.0.0
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded R1000
Default Status
affected
Versions
Unaffected
  • EmbeddedPI-FP5 1.2.0.F
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded R2000
Default Status
affected
Versions
Unaffected
  • EmbeddedR2KPIFP5 1.0.0.5
Vendor
Advanced Micro Devices, Inc.AMD
Product
AMD Ryzen™ Embedded V1000
Default Status
affected
Versions
Unaffected
  • EmbeddedPI-FP5 1.2.0.F
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html
N/A
Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@amd.com
Published At:11 Feb, 2025 | 21:15
Updated At:15 Apr, 2026 | 00:35

Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Secondarypsirt@amd.com
CWE ID: CWE-20
Type: Secondary
Source: psirt@amd.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.htmlpsirt@amd.com
N/A
Hyperlink: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html
Source: psirt@amd.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

88Records found
CVE-2024-21949
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.87%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:15
Updated-15 Nov, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_ai_softwareAMD Ryzen™ AI Softwareryzen_ai_software
CWE ID-CWE-20
Improper Input Validation
CVE-2025-29936
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.65%
||
7 Day CHG~0.00%
Published-15 May, 2026 | 01:52
Updated-15 May, 2026 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix")AMD Ryzen™ AI 300 Series Processors (formerly codenamed "Strix Point")AMD Ryzen™ Embedded 8000 Series ProcessorsAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Hawk Point")AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R")AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt")AMD Ryzen™ Al Max+
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23820
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.55%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:52
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_9_5900xryzen_5_6600h_firmwareryzen_5_3580uathlon_3015ceryzen_7_4800u_firmwareryzen_5_5500x_firmwareryzen_5_pro_5645ryzen_3_3100_firmwareryzen_threadripper_2950x_firmwareryzen_7_7735hs_firmwareryzen_9_3900xryzen_5_pro_3350ge_firmwareryzen_9_5900x_firmwareryzen_9_6900hx_firmwareryzen_9_5980hxathlon_3015eryzen_7_5800hsryzen_5_5500hryzen_5_5600xryzen_9_5900_firmwareryzen_5_5600hsryzen_5_3600xt_firmwareryzen_7_5825uryzen_7_5825u_firmwareryzen_5_3600x_firmwareryzen_7_3750h_firmwareryzen_threadripper_3960x_firmwareryzen_5_6600hryzen_threadripper_3960xryzen_threadripper_2950xryzen_5_4500u_firmwareryzen_9_6980hxryzen_threadripper_pro_3975wxryzen_5_5560uryzen_3_3100ryzen_7_3750hryzen_5_6600hsryzen_7_3780uryzen_7_pro_5845athlon_3015e_firmwareryzen_9_5900hsryzen_9_4900hsryzen_7_4980u_firmwareryzen_threadripper_2920xryzen_9_5980hsryzen_7_3700cryzen_5_pro_3350g_firmwareryzen_7_3800xt_firmwareryzen_3_5125c_firmwareryzen_5_55003xd_firmwareryzen_9_6900hxryzen_7_5800h_firmwareryzen_9_6900hsryzen_3_3300xryzen_7_3700xryzen_5_3500uryzen_5_5500ryzen_3_5400uryzen_9_4900hs_firmwareryzen_9_4900h_firmwareryzen_5_5600_firmwareryzen_7_5800xryzen_5_3550hryzen_5_4500uryzen_9_pro_5945ryzen_threadripper_3990x_firmwareryzen_7_3780u_firmwareryzen_9_3900ryzen_3_4300uryzen_7_4800h_firmwareryzen_3_4300u_firmwareryzen_5_5600x_firmwareryzen_9_3900_firmwareryzen_7_3700x_firmwareryzen_5_pro_3350gryzen_7_4980uryzen_9_5900ryzen_9_5980hs_firmwareryzen_7_6800h_firmwareryzen_7_6800u_firmwareryzen_7_7735uryzen_threadripper_3990xryzen_5_3500c_firmwareryzen_5_5600hs_firmwareryzen_5_56003xdryzen_3_3350u_firmwareryzen_5_5600h_firmwareryzen_7_5700ryzen_5_4680uryzen_3_5400u_firmwareryzen_9_6900hs_firmwareryzen_3_3300u_firmwareryzen_7_5800ryzen_7_4700uryzen_7_6800hs_firmwareryzen_7_3800xryzen_5_7535uryzen_5_4600uryzen_9_5950xryzen_5_3600_firmwareryzen_5_5500_firmwareryzen_5_3580u_firmwareryzen_threadripper_2990wx_firmwareryzen_5_3500cryzen_5_4600hryzen_5_4600u_firmwareryzen_5_56003xd_firmwareryzen_3_3300x_firmwareryzen_5_5600hryzen_7_6800hsryzen_5_pro_3400g_firmwareryzen_9_3900xt_firmwareryzen_5_7535u_firmwareryzen_7_6800uryzen_3_3300uryzen_7_7736uryzen_5_3600xtryzen_3_5425u_firmwareryzen_7_7735hsryzen_5_3500x_firmwareryzen_9_3900xtryzen_5_3550h_firmwareryzen_7_4800hryzen_5_5600uryzen_9_4900hryzen_9_5900hx_firmwareryzen_5_3500xryzen_9_5950x_firmwareathlon_3015ce_firmwareryzen_threadripper_2970wxryzen_7_4800hsryzen_7_3700u_firmwareryzen_7_5800x_firmwareryzen_5_5625uryzen_5_6600uryzen_5_pro_3400gryzen_threadripper_2920x_firmwareryzen_7_4800hs_firmwareryzen_9_6980hs_firmwareryzen_5_3450uryzen_3_5125cryzen_7_3800x_firmwareryzen_5_pro_3350geryzen_9_6980hx_firmwareryzen_7_7735u_firmwareryzen_7_pro_5845_firmwareryzen_threadripper_pro_3945wx_firmwareryzen_9_5900hs_firmwareryzen_5_5600u_firmwareryzen_5_3600xryzen_5_6600u_firmwareryzen_3_7335uryzen_7_3800xtryzen_threadripper_2970wx_firmwareryzen_7_5700_firmwareryzen_5_7535hs_firmwareryzen_9_3950x_firmwareryzen_9_pro_5945_firmwareryzen_threadripper_pro_3995wxryzen_5_4600h_firmwareryzen_5_7535hsryzen_7_3700c_firmwareryzen_7_5700x_firmwareryzen_threadripper_pro_3955wxryzen_5_4600hsryzen_7_5800u_firmwareryzen_7_7736u_firmwareryzen_9_3900x_firmwareryzen_7_4700u_firmwareryzen_7_3700uryzen_5_6600hs_firmwareryzen_5_pro_5645_firmwareryzen_3_3350uryzen_5_3500_firmwareryzen_3_5425uryzen_threadripper_pro_3955wx_firmwareryzen_7_5800_firmwareryzen_9_5980hx_firmwareryzen_3_5100_firmwareryzen_5_5560u_firmwareryzen_threadripper_pro_3995wx_firmwareryzen_7_5800uryzen_9_5900hxryzen_5_4680u_firmwareryzen_5_4600hs_firmwareryzen_5_pro_3400geryzen_5_5500h_firmwareryzen_9_3950xryzen_threadripper_2990wxryzen_5_5600ryzen_threadripper_3970xryzen_3_5100ryzen_5_3500ryzen_7_5800hryzen_5_3450u_firmwareryzen_threadripper_pro_3945wxryzen_5_3600ryzen_5_pro_3400ge_firmwareryzen_threadripper_3970x_firmwareryzen_5_3500u_firmwareryzen_threadripper_pro_3975wx_firmwareryzen_7_5800hs_firmwareryzen_7_4800uryzen_5_5625u_firmwareryzen_3_7335u_firmwareryzen_7_5700xryzen_9_6980hsryzen_7_6800hAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics “Picasso” FP5AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTAMD Ryzen™ 5000 Series Desktop Processors “Vermeer”AMD EPYC™ Embedded 7003AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM43rd Gen AMD EPYC™ ProcessorsAMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WSAMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6AMD Ryzen™ Threadripper™ 2000 Series Processors “Colfax”AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”Ryzen™ 3000 series Desktop Processors “Matisse"AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”
CWE ID-CWE-20
Improper Input Validation
CVE-2022-23831
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.38%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 20:45
Updated-01 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.

Action-Not Available
Vendor-FreeBSD FoundationLinux Kernel Organization, IncMicrosoft CorporationAdvanced Micro Devices, Inc.
Product-amd_uprofwindowsfreebsdlinux_kernelAMD μProf
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20564
Matching Score-6
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-6
Assigner-Advanced Micro Devices Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 26.72%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 21:07
Updated-08 Oct, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-ryzen_master_monitoring_sdkwindows_11ryzen_masterwindows_10Ryzen™ Masterryzen
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34431
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.13%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bps24compute_module_hns2600bpblc24rserver_board_s2600bpsserver_board_s2600bpqrcompute_module_hns2600bps_firmwarecompute_module_hns2600bpq24_firmwarecompute_module_hns2600bpq_firmwarecompute_module_hns2600bpblc24_firmwareserver_board_s2600bpqr_firmwareserver_system_vrn2224bphy6compute_module_hns2600bpq24r_firmwarecompute_module_hns2600bps24rcompute_module_hns2600bpbserver_board_s2600bpb_firmwarecompute_module_hns2600bpsrcompute_module_liquid-cooled_hns2600bpbrctserver_system_m70klp4s2uhhserver_system_vrn2224bphy6_firmwarecompute_module_hns2600bpblc_firmwarecompute_module_hns2600bpblcrcompute_module_hns2600bpbr_firmwareserver_system_m20ntp1ur304server_system_vrn2224bpaf6compute_module_hns2600bpqrcompute_module_hns2600bpbrserver_system_vrn2224bpaf6_firmwarecompute_module_hns2600bpb_firmwareserver_board_m20ntp2sbserver_board_m10jnp2sb_firmwareserver_board_s2600bpbrserver_system_m70klp4s2uhh_firmwareserver_board_m70klp2sbcompute_module_hns2600bps24_firmwarecompute_module_hns2600bps24r_firmwareserver_system_zsb2224bpaf2compute_module_hns2600bpsr_firmwarecompute_module_hns2600bpb24_firmwareserver_system_mcb2208wfaf5_firmwarecompute_module_liquid-cooled_hns2600bpbrct_firmwareserver_board_s2600bpbr_firmwarecompute_module_hns2600bpqcompute_module_hns2600bpblcr_firmwareserver_board_s2600bpbcompute_module_hns2600bpblc24server_system_zsb2224bphy1_firmwareserver_system_m20ntp1ur304_firmwareserver_board_m70klp2sb_firmwarecompute_module_hns2600bpblc24r_firmwareserver_board_s2600bpqserver_board_m10jnp2sbserver_system_zsb2224bpaf1server_board_s2600bpq_firmwarecompute_module_hns2600bpblcserver_system_zsb2224bpaf1_firmwareserver_board_s2600bpsrcompute_module_hns2600bpqr_firmwareserver_board_s2600bps_firmwarecompute_module_hns2600bpsserver_board_s2600bpsr_firmwarecompute_module_hns2600bpb24server_system_zsb2224bphy1server_system_zsb2224bpaf2_firmwarecompute_module_hns2600bpq24rcompute_module_hns2600bpq24server_board_m20ntp2sb_firmwareserver_system_mcb2208wfaf5Intel(R) Server Board BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32617
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.73%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_7_home_nuc7i3bnhxfnuc_board_nuc7i3bnbnuc_7_home_nuc7i3bnhxf_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_board_nuc8cchbnuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc7i7bnhx1_firmwarecompute_stick_stk2mv64cc_firmwarenuc_7_enthusiast_nuc7i7bnkq_firmwarenuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc7i5bnhx1nuc_kit_nuc6cayh_firmwarenuc_7_home_nuc7i5bnkpnuc_7_enthusiast_nuc7i7bnhxg_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_board_nuc8cchb_firmwarenuc_7_home_nuc7i5bnhxfnuc_8_rugged_board_nuc8cchbn_firmwarenuc_kit_nuc7i5bnhnuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_kit_nuc6cays_firmwarenuc_board_nuc7i5bnb_firmwarenuc_board_nuc7i3bnb_firmwarenuc_7_home_nuc7i5bnkp_firmwarenuc_7_enthusiast_nuc7i7bnhxgnuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_7_home_nuc7i5bnhxf_firmwarecompute_stick_stk2mv64ccnuc_kit_nuc6caysnuc_kit_nuc7i7bnh_firmwarenuc_8_rugged_board_nuc8cchbnnuc_board_nuc7i7bnb_firmwarenuc_8_rugged_kit_nuc8cchkrnnuc_7_enthusiast_nuc7i7bnkqnuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbnuc_kit_nuc6cayhIntel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20197
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.13%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:39
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1471
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.2||HIGH
EPSS-1.39% / 80.78%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 21:41
Updated-04 Aug, 2024 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10WindowsWindows 10 Version 1903 for x64-based SystemsWindows ServerWindows Server, version 1909 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for x64-based Systems
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11137
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.15% / 35.17%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:56
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationHewlett Packard Enterprise (HPE)
Product-xeon_platinum_8153atom_c3858_firmwarexeon_bronze_3104_firmwarexeon_e5-4610_v4xeon_e7-8894_v4xeon_e5-2608l_v4_firmwarexeon_gold_6146xeon_gold_6126f_firmwareatom_c3830_firmwarexeon_platinum_8168_firmwarexeon_silver_4108_firmwareapollo_4200_gen10_serverxeon_d-1527xeon_e5-2697_v4xeon_gold_5115synergy_620_gen9_compute_modulexeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_gold_5217_firmwareproliant_bl460c_gen9_server_bladeproliant_dl160_gen9_server_firmwarexeon_gold_6138xeon_e5-4650_v4xeon_e7-8880_v4atom_c3336_firmwarexeon_d-2163it_firmwarexeon_e5-1660_v4proliant_bl660c_gen9_serverxeon_e7-8891_v4xeon_platinum_8164xeon_d-1521_firmwareproliant_ml350_gen9_server_firmwarexeon_gold_6240_firmwarexeon_d-1557_firmwareatom_c3708_firmwareproliant_dl60_gen9_serverxeon_d-1518atom_c2550synergy_620_gen9_compute_module_firmwarexeon_platinum_8268_firmwarexeon_gold_6248_firmwarexeon_gold_6262vxeon_e5-2609_v4_firmwarexeon_platinum_8168xeon_e5-2683_v4atom_c2538_firmwarexeon_e5-2608l_v4xeon_gold_5218xeon_e5-1620_v4xeon_gold_6238m_firmwarexeon_d-1567_firmwarexeon_d-1567xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_gold_6138t_firmwarexeon_silver_4116_firmwarexeon_d-2173it_firmwarexeon_gold_5122xeon_platinum_8180_firmwarexeon_silver_4210_firmwareapollo_4200_gen9_server_firmwarexeon_gold_6126_firmwarexeon_d-2191proliant_dl380_gen9_serverxeon_e7-8870_v4_firmwarexeon_e5-4627_v4_firmwareproliant_ml110_gen9_server_firmwarexeon_platinum_8276_firmwarexeon_e7-8870_v4xeon_gold_6240xeon_gold_6150_firmwarexeon_platinum_8156xeon_bronze_3106_firmwarexeon_d-2177nt_firmwarexeon_gold_6138_firmwarexeon_e7-8893_v4_firmwarexeon_d-1533n_firmwarexeon_e5-2667_v4_firmwarexeon_gold_5220s_firmwarexeon_gold_5215_firmwarexeon_e5-2667_v4proliant_xl230a_gen9_server_firmwarexeon_platinum_8274proliant_dl580_gen9_serverxeon_gold_6126fxeon_d-1539xeon_silver_4109t_firmwarexeon_e5-1680_v4xeon_silver_4114_firmwarexeon_gold_6230_firmwarexeon_d-2146ntproliant_xl250a_gen9_server_firmwarexeon_platinum_8280l_firmwarexeon_platinum_8160fxeon_d-1577_firmwareatom_c2550_firmwarexeon_e5-4660_v4atom_c3538_firmwarexeon_gold_6210uxeon_d-2187ntatom_c2738xeon_e5-4669_v4_firmwarexeon_platinum_8158_firmwarexeon_d-2166ntxeon_gold_5120_firmwarexeon_gold_6140m_firmwarexeon_silver_4216xeon_platinum_8253xeon_gold_6230xeon_e5-2630l_v4xeon_gold_6134_firmwarexeon_e5-4667_v4atom_c3336atom_c3958xeon_e5-2628l_v4xeon_gold_6130t_firmwareproliant_dl380_gen10_server_firmwarexeon_d-2183itxeon_e5-2690_v4_firmwarexeon_e5-2630_v4xeon_d-1622atom_c2350_firmwarexeon_d-2145ntxeon_e5-1650_v4xeon_gold_6238xeon_gold_6126t_firmwarexeon_silver_4208xeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_gold_5220sxeon_platinum_8280m_firmwarexeon_e7-8890_v4_firmwareapollo_4200_gen9_serverxeon_platinum_9282xeon_d-1513n_firmwarexeon_platinum_9242_firmwarexeon_e5-1620_v4_firmwarexeon_silver_4108xeon_gold_6130txeon_silver_4210xeon_platinum_8256_firmwarexeon_e5-2618l_v4_firmwarexeon_e5-2637_v4_firmwarexeon_e7-8867_v4atom_c2358_firmwareproliant_ml350_gen10_serverproliant_ml150_gen9_server_firmwarexeon_platinum_8276matom_c2338xeon_bronze_3106synergy_480_gen10_compute_module_firmwarexeon_gold_6238matom_c3708atom_c2518_firmwarexeon_d-1540xeon_platinum_8160txeon_e5-2698_v4xeon_d-1528xeon_e5-4627_v4proliant_e910_server_blade_firmwarexeon_d-2141ixeon_e5-2660_v4xeon_d-1541xeon_e7-4830_v4xeon_silver_4208_firmwarexeon_d-1633n_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwareproliant_xl230a_gen9_serverxeon_gold_5222proliant_ws460c_gen9_graphics_server_blade_firmwarexeon_e5-2687w_v4xeon_e5-2630_v4_firmwareatom_c2516synergy_680_gen9_compute_module_firmwarexeon_gold_6240mxeon_e5-4667_v4_firmwarexeon_d-1548xeon_e5-2699a_v4_firmwarexeon_d-1649nxeon_d-1529xeon_e5-2603_v4_firmwareatom_c3308_firmwarexeon_platinum_8160xeon_gold_5115_firmwareproliant_ml110_gen10_server_firmwarexeon_platinum_8156_firmwarexeon_e5-4660_v4_firmwareproliant_xl270d_gen10_serverxeon_gold_5118_firmwarexeon_e7-4809_v4proliant_xl450_gen9_serveratom_c2718xeon_gold_6146_firmwarexeon_gold_6148fxeon_e5-2630l_v4_firmwareatom_c2750xeon_gold_5218_firmwarexeon_gold_6132xeon_gold_6238t_firmwareatom_c3338atom_c2316xeon_e5-2618l_v4xeon_e7-8891_v4_firmwarexeon_e5-2650l_v4_firmwareatom_c2358proliant_dl580_gen10_serverxeon_platinum_8160_firmwarexeon_d-1623nproliant_xl170r_gen10_serveratom_c2508_firmwarexeon_e7-8894_v4_firmwareproliant_dl360_gen9_server_firmwareproliant_xl450_gen9_server_firmwarexeon_gold_6148_firmwarexeon_gold_5220t_firmwarexeon_e5-4610_v4_firmwarexeon_platinum_8253_firmwarexeon_gold_5220_firmwarexeon_d-1622_firmwareatom_c2538xeon_e5-2680_v4_firmwareproliant_e910_server_bladexeon_gold_6240m_firmwareatom_c2530_firmwarexeon_e5-1630_v4_firmwarexeon_silver_4214proliant_ml150_gen9_serverxeon_d-2161iatom_c3858xeon_platinum_8164_firmwaresynergy_680_gen9_compute_modulexeon_d-2141i_firmwareproliant_dl80_gen9_server_firmwareatom_c3558_firmwarexeon_gold_5218bproliant_dl160_gen10_server_firmwarexeon_e5-4640_v4_firmwarexeon_e5-1680_v4_firmwareproliant_xl270d_gen10_server_firmwarexeon_silver_4216_firmwarexeon_gold_6254_firmwarexeon_platinum_8284_firmwarexeon_e5-1650_v4_firmwarexeon_e5-2648l_v4xeon_e5-4620_v4proliant_dl380_gen10_serverxeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e7-8880_v4_firmwarexeon_gold_6209uxeon_d-1539_firmwarexeon_silver_4112xeon_d-1559xeon_gold_6130_firmwarexeon_gold_5120txeon_gold_6134proliant_bl460c_gen10_server_blade_firmwarexeon_gold_6222v_firmwarexeon_platinum_8160f_firmwareatom_c3558xeon_platinum_8260_firmwarexeon_e5-2648l_v4_firmwarexeon_d-2183it_firmwareatom_c3308proliant_xl170r_gen9_server_firmwarexeon_d-1557xeon_gold_6148xeon_e7-4850_v4xeon_gold_6144xeon_gold_6140mxeon_platinum_9282_firmwareatom_c3758xeon_d-1553n_firmwarexeon_gold_6128_firmwarexeon_gold_5220tatom_c3830atom_c2750_firmwarexeon_platinum_8276latom_c3750xeon_platinum_8170_firmwareproliant_dl560_gen10_serveratom_c2730xeon_d-1627_firmwareproliant_bl660c_gen9_server_firmwarexeon_gold_6126txeon_gold_6140_firmwarexeon_gold_6238_firmwareatom_c3950_firmwareproliant_xl250a_gen9_serverxeon_e5-2640_v4_firmwareatom_c2758_firmwarexeon_gold_6246xeon_e5-1630_v4atom_c3955_firmwareatom_c2758xeon_d-1527_firmwarexeon_e5-2683_v4_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e7-4850_v4_firmwarexeon_gold_5215mxeon_gold_5215proliant_xl450_gen10_server_firmwarexeon_d-2143itxeon_e5-2620_v4_firmwareproliant_xl190r_gen10_server_firmwarexeon_d-2163itsynergy_660_gen10_compute_modulexeon_e5-2699_v4xeon_gold_6244_firmwarexeon_d-2161i_firmwareatom_c3538xeon_platinum_8284xeon_silver_4109txeon_e5-2643_v4_firmwareatom_c2308_firmwarexeon_gold_5215lxeon_silver_4215_firmwarexeon_gold_5122_firmwarexeon_e5-4655_v4xeon_gold_6138fxeon_e5-2658_v4xeon_gold_6132_firmwarexeon_gold_6136_firmwareproliant_xl730f_gen9_serversynergy_480_gen9_compute_module_firmwareproliant_ml350_gen9_serverxeon_gold_6212u_firmwareatom_c2316_firmwarexeon_gold_6212uxeon_d-1531_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mxeon_gold_6240l_firmwarexeon_silver_4114atom_c3750_firmwarexeon_d-2123it_firmwaresynergy_480_gen9_compute_moduleatom_c3508xeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2699_v4_firmwarexeon_d-2173itxeon_d-2123itatom_c2338_firmwareatom_c2730_firmwarexeon_d-1627xeon_gold_5218n_firmwareproliant_ml350_gen10_server_firmwarexeon_e5-2637_v4proliant_dl120_gen10_server_firmwareproliant_dl180_gen9_serverxeon_platinum_8260y_firmwarexeon_gold_6144_firmwarexeon_e5-2695_v4_firmwarexeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4proliant_dl360_gen9_serverxeon_gold_5218txeon_gold_6240y_firmwarexeon_gold_6150xeon_e5-2697a_v4xeon_gold_6242_firmwarexeon_gold_6140xeon_e5-2690_v4xeon_d-1649n_firmwarexeon_e5-2609_v4proliant_dl360_gen10_serverxeon_e5-2658_v4_firmwarexeon_gold_6148f_firmwarexeon_d-2145nt_firmwareproliant_xl450_gen10_serverproliant_xl230k_gen10_serverxeon_d-1537_firmwarexeon_gold_6126xeon_d-1541_firmwarexeon_d-2166nt_firmwarexeon_d-1623n_firmwarexeon_e5-2699a_v4xeon_e5-2643_v4proliant_dl160_gen9_serverxeon_d-1548_firmwareatom_c3850_firmwarexeon_gold_6130f_firmwarexeon_d-1559_firmwareproliant_xl190r_gen10_serverxeon_e5-2698_v4_firmwareproliant_dl580_gen9_server_firmwarexeon_gold_6142fxeon_e7-4809_v4_firmwarexeon_platinum_8153_firmwarexeon_e5-2697a_v4_firmwarexeon_gold_6130xeon_e5-2650l_v4xeon_d-1529_firmwarexeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarexeon_d-1637_firmwareproliant_xl170r_gen10_server_firmwareproliant_dl360_gen10_server_firmwarexeon_platinum_8260xeon_platinum_8160t_firmwareproliant_ws460c_gen9_graphics_server_bladeproliant_bl460c_gen10_server_bladexeon_bronze_3204_firmwaresynergy_480_gen10_compute_modulexeon_silver_4214_firmwareatom_c2738_firmwarexeon_d-2142it_firmwareproliant_dl120_gen10_serverproliant_ml110_gen9_serverxeon_d-2143it_firmwarexeon_platinum_9242proliant_dl160_gen10_serversynergy_660_gen10_compute_module_firmwarexeon_platinum_8280lxeon_silver_4110xeon_bronze_3204xeon_d-1523n_firmwarexeon_platinum_8280_firmwareproliant_dl580_gen10_server_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwareatom_c3758_firmwareatom_c2558_firmwarexeon_gold_5218nxeon_gold_6246_firmwarexeon_gold_5222_firmwarexeon_gold_6138txeon_e5-2620_v4xeon_e7-4820_v4_firmwareproliant_dl80_gen9_serverxeon_gold_5120proliant_dl180_gen10_server_firmwarexeon_d-1523nxeon_gold_5220xeon_gold_6154_firmwarexeon_d-1653nproliant_dl120_gen9_server_firmwarexeon_e7-8860_v4_firmwarexeon_d-1637xeon_gold_6254xeon_silver_4209t_firmwarexeon_d-1577xeon_gold_6240yxeon_platinum_8176_firmwarexeon_e5-4669_v4xeon_gold_6154proliant_ml110_gen10_serverxeon_gold_5215l_firmwarexeon_d-1543n_firmwarexeon_e5-2640_v4xeon_e7-8893_v4xeon_gold_6252n_firmwarexeon_gold_5120t_firmwareproliant_dl560_gen9_server_firmwarexeon_d-1653n_firmwareproliant_xl230k_gen10_server_firmwarexeon_platinum_8270_firmwarexeon_d-1553natom_c3808_firmwarexeon_d-1571_firmwareatom_c3955xeon_silver_4209txeon_silver_4116xeon_d-1633nxeon_gold_6210u_firmwareproliant_xl170r_gen9_serveratom_c3850xeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_gold_6226_firmwarexeon_d-1518_firmwarexeon_platinum_8274_firmwarexeon_platinum_8280atom_c2558xeon_gold_6152_firmwarexeon_platinum_8176f_firmwarexeon_d-1520proliant_dl180_gen10_serverproliant_dl380_gen9_server_firmwarexeon_platinum_8256xeon_gold_6152xeon_d-2146nt_firmwarexeon_platinum_8158xeon_gold_6238l_firmwarexeon_e7-4830_v4_firmwareatom_c3508_firmwarexeon_gold_5218b_firmwarexeon_gold_6222vproliant_bl460c_gen9_server_blade_firmwarexeon_d-1520_firmwarexeon_platinum_8176xeon_gold_6242xeon_silver_4112_firmwarexeon_d-1531atom_c2518xeon_gold_6262v_firmwarexeon_e5-2660_v4_firmwarexeon_platinum_8260yxeon_platinum_8270xeon_e5-2650_v4xeon_platinum_8260m_firmwareproliant_dl560_gen9_serverxeon_d-1533nproliant_xl190r_gen9_serverxeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_gold_5118xeon_gold_6130fxeon_e5-2695_v4atom_c2530atom_c2508proliant_xl730f_gen9_server_firmwarexeon_gold_5215m_firmwarexeon_platinum_8276xeon_gold_6142f_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4proliant_xl190r_gen9_server_firmwarexeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e7-8860_v4atom_c2350atom_c2516_firmwareatom_c3338_firmwarexeon_platinum_8276m_firmwarexeon_platinum_8176fxeon_e7-8867_v4_firmwareatom_c2308xeon_e5-2623_v4_firmwareapollo_4200_gen10_server_firmwareatom_c3808xeon_d-1543nxeon_d-1528_firmwareproliant_dl120_gen9_serverxeon_gold_6226xeon_d-1521xeon_d-2191_firmwarexeon_gold_6252atom_c3950xeon_e5-4650_v4_firmwareproliant_dl560_gen10_server_firmwareatom_c2718_firmwarexeon_gold_6252_firmwarexeon_gold_6209u_firmwarexeon_silver_4110_firmwarexeon_platinum_8260lproliant_dl60_gen9_server_firmwarexeon_d-1602_firmwarexeon_platinum_8180proliant_dl180_gen9_server_firmwarexeon_d-2177ntatom_c3958_firmwarexeon_platinum_8276l_firmware2019.2 IPU – UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21501
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-04 May, 2023 | 00:00
Updated-12 Feb, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20063
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.39%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:11
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection Vulnerability

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerfirepower_threat_defenseCisco Firepower Management CenterCisco Firepower Threat Defense Software
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.32%
||
7 Day CHG~0.00%
Published-28 Sep, 2022 | 15:50
Updated-21 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-35893
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.21% / 43.42%
||
7 Day CHG~0.00%
Published-23 Sep, 2022 | 18:01
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-insydeh2on/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33945
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.07% / 20.43%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-14 Aug, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bps24compute_module_hns2600bpblc24rserver_board_s2600bpsserver_board_s2600bpqrcompute_module_hns2600bps_firmwarecompute_module_hns2600bpq24_firmwarecompute_module_hns2600bpq_firmwarecompute_module_hns2600bpblc24_firmwareserver_board_s2600bpqr_firmwareserver_system_vrn2224bphy6compute_module_hns2600bpq24r_firmwarecompute_module_hns2600bps24rcompute_module_hns2600bpbserver_board_s2600bpb_firmwarecompute_module_hns2600bpsrcompute_module_liquid-cooled_hns2600bpbrctserver_system_m70klp4s2uhhserver_system_vrn2224bphy6_firmwarecompute_module_hns2600bpblc_firmwarecompute_module_hns2600bpblcrcompute_module_hns2600bpbr_firmwareserver_system_m20ntp1ur304server_system_vrn2224bpaf6compute_module_hns2600bpqrcompute_module_hns2600bpbrserver_system_vrn2224bpaf6_firmwarecompute_module_hns2600bpb_firmwareserver_board_m20ntp2sbserver_board_m10jnp2sb_firmwareserver_board_s2600bpbrserver_system_m70klp4s2uhh_firmwareserver_board_m70klp2sbcompute_module_hns2600bps24_firmwarecompute_module_hns2600bps24r_firmwareserver_system_zsb2224bpaf2compute_module_hns2600bpsr_firmwarecompute_module_hns2600bpb24_firmwareserver_system_mcb2208wfaf5_firmwarecompute_module_liquid-cooled_hns2600bpbrct_firmwareserver_board_s2600bpbr_firmwarecompute_module_hns2600bpqcompute_module_hns2600bpblcr_firmwareserver_board_s2600bpbcompute_module_hns2600bpblc24server_system_zsb2224bphy1_firmwareserver_system_m20ntp1ur304_firmwareserver_board_m70klp2sb_firmwarecompute_module_hns2600bpblc24r_firmwareserver_board_s2600bpqserver_board_m10jnp2sbserver_system_zsb2224bpaf1server_board_s2600bpq_firmwarecompute_module_hns2600bpblcserver_system_zsb2224bpaf1_firmwareserver_board_s2600bpsrcompute_module_hns2600bpqr_firmwareserver_board_s2600bps_firmwarecompute_module_hns2600bpsserver_board_s2600bpsr_firmwarecompute_module_hns2600bpb24server_system_zsb2224bphy1server_system_zsb2224bpaf2_firmwarecompute_module_hns2600bpq24rcompute_module_hns2600bpq24server_board_m20ntp2sb_firmwareserver_system_mcb2208wfaf5Intel(R) Server board and Intel(R) Server System BIOS firmwareserver_system_m70klp_familyserver_board_m10jnp2sb_familyserver_board_s2600bp_familyserver_m20ntp_family
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33176
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_11_performance_kit_nuc11pahi70z_firmwarenuc_11_performance_kit_nuc11paki7nuc_11_performance_kit_nuc11pahi7_firmwarenuc_11_performance_kit_nuc11pahi30z_firmwarenuc_11_performance_mini_pc_nuc11paqi70qanuc_11_performance_kit_nuc11paki5nuc_11_performance_kit_nuc11paki3nuc_11_performance_kit_nuc11pahi5nuc_11_performance_kit_nuc11pahi30znuc_11_performance_kit_nuc11pahi5_firmwarenuc_11_performance_kit_nuc11pahi70znuc_11_performance_kit_nuc11pahi3_firmwarenuc_11_performance_kit_nuc11paki7_firmwarenuc_11_performance_mini_pc_nuc11paqi50wanuc_11_performance_kit_nuc11paki3_firmwarenuc_11_performance_kit_nuc11pahi50znuc_11_performance_kit_nuc11pahi7nuc_11_performance_kit_nuc11pahi3nuc_11_performance_kit_nuc11paki5_firmwarenuc_11_performance_mini_pc_nuc11paqi50wa_firmwarenuc_11_performance_mini_pc_nuc11paqi70qa_firmwarenuc_11_performance_kit_nuc11pahi50z_firmwareIntel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32489
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32488
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.70%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-30542
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 33.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-r2000wf_firmwarer2000wfr1000wfs2600wf_firmwarer1000wf_firmwares2600wfIntel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36282
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.10% / 26.47%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Server Board S2600ST Family BIOS and Firmware Update softwareserver_board_s2600st_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36482
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.12% / 31.21%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP softwarecip_software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-34163
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.82%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_x15_laptop_kit_laprc510nuc_x15_laptop_kit_lapbc710_firmwarenuc_x15_laptop_kit_lapbc510_firmwarenuc_x15_laptop_kit_lapbc710nuc_x15_laptop_kit_lapkc51e_firmwarenuc_x15_laptop_kit_laprc710_firmwarenuc_x15_laptop_kit_lapac71hnuc_x15_laptop_kit_lapkc51enuc_x15_laptop_kit_laprc710nuc_x15_laptop_kit_lapac71gnuc_x15_laptop_kit_lapbc510nuc_x15_laptop_kit_lapkc71f_firmwarenuc_x15_laptop_kit_lapac71g_firmwarenuc_x15_laptop_kit_laprc510_firmwarenuc_x15_laptop_kit_lapac71h_firmwarenuc_x15_laptop_kit_lapkc71e_firmwarenuc_x15_laptop_kit_lapkc71fnuc_x15_laptop_kit_lapkc71eIntel(R) NUClapkc71f_firmwarelapbc710_firmwarelapkc51e_firmwarelapkc71e_firmwarelaprc510_firmwarelaprc710_firmwarelapbc510_firmwarelapac71h_firmwarelapac71g_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32860
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 14.04%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 13:00
Updated-16 Aug, 2024 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_m17_r4_firmwarealienware_x17_r1alienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960inspiron_15_352_firmwarexps_8950alienware_x15_r1_firmwareinspiron_15_352alienware_x15_r1alienware_aurora_ryzen_edition_r14xps_8960_firmwareinspiron_3502_firmwarealienware_aurora_r13inspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarexps_8950_firmwarealienware_x14_firmwarealienware_m15_r3_firmwarealienware_m17_r3_firmwarealienware_aurora_r11_firmwarealienware_aurora_r15_amdalienware_m15_r3alienware_m15_r4alienware_x14alienware_x17_r2_firmwareinspiron_3502inspiron_15_3510_firmwarealienware_aurora_r15alienware_aurora_r12aurora_r16alienware_aurora_r11alienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOScpg_bios
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32858
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 14.04%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:48
Updated-24 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-28947
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.09% / 25.82%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_board_s2600st_firmwareIntel(R) Server Board S2600ST Family firmwareserver_board_s2600st_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28126
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xmm_7560_firmwarexmm_7560Intel(R) XMM(TM) 7560 Modem software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-26006
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 34.62%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-05 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e5-2699r_v4_firmwarecore_i7-3920xmxeon_e5-4667_v3_firmwarexeon_e5-4620_v4_firmwarexeon_e5-2623_v4xeon_e5-1630_v4xeon_e5-2603_v3xeon_e5-4660_v4xeon_e5-2640_v3_firmwarexeon_e5-2640_v4xeon_e5-2690_v3xeon_e5-2670_v3_firmwarexeon_e5-2687w_v4_firmwarecore_i7-6900k_firmwarexeon_e5-4640_v3xeon_e5-2699_v3core_i7-3940xm_firmwarecore_i7-6950x_firmwarexeon_e5-2630l_v4xeon_e5-2699_v3_firmwarexeon_e5-2698_v3_firmwarexeon_e5-2650_v3xeon_e5-4610_v3_firmwarecore_i7-6850k_firmwarexeon_e5-2620_v4_firmwarexeon_e5-2687w_v3xeon_e5-2618l_v3core_i9-10980xe_firmwarexeon_e5-2699a_v4core_i7-9800xxeon_e5-2695_v3_firmwarexeon_e5-2658_v3_firmwarexeon_e5-4620_v4core_i9-7920x_firmwarexeon_e5-2618l_v3_firmwarexeon_e5-1650_v3xeon_e5-2699_v4_firmwarexeon_e5-2630l_v4_firmwarecore_i5-7640x_firmwarexeon_e5-2650l_v4core_i7-7800x_firmwarexeon_e5-1630_v3_firmwarexeon_e5-2683_v4xeon_e5-2683_v3_firmwarecore_i7-5930k_firmwarexeon_e5-4660_v4_firmwarexeon_e5-2650_v3_firmwarexeon_e5-2623_v4_firmwarexeon_e5-2695_v3xeon_e5-1428l_v3_firmwarecore_i9-9940xxeon_e5-2658a_v3_firmwarexeon_e5-2680_v3xeon_e5-4628l_v4_firmwarexeon_e5-2650_v4_firmwarexeon_e5-4655_v3_firmwarecore_i7-6800kxeon_e5-2428l_v3xeon_e5-1620_v4_firmwarexeon_e5-2630l_v3_firmwarexeon_e5-2438l_v3xeon_e5-2667_v3_firmwarexeon_e5-2680_v4xeon_e5-1620_v4core_i7-4930kxeon_e5-1660_v3_firmwarexeon_e5-2667_v4core_i7-3960xxeon_e5-2648l_v4xeon_e5-2698_v4_firmwarecore_i7-3960x_firmwarexeon_e5-2628l_v3core_i9-7980xe_firmwarexeon_e5-2609_v4xeon_e5-4655_v4_firmwarexeon_e5-1680_v3_firmwarecore_i7-4820k_firmwarexeon_e5-1660_v4_firmwarecore_i9-7980xexeon_e5-2637_v3core_i7-9800x_firmwarexeon_e5-1620_v3xeon_e5-2680_v3_firmwarecore_i9-10980xexeon_e5-1660_v3xeon_e5-4640_v4xeon_e5-2667_v3core_i9-7940x_firmwarecore_i9-9980xe_firmwarexeon_e5-2630_v3_firmwarexeon_e5-2650l_v3xeon_e5-2628l_v3_firmwarecore_i7-3940xmcore_i9-9980xexeon_e5-2608l_v4_firmwarexeon_e5-2697_v3xeon_e5-4640_v4_firmwarecore_i7-4940mx_firmwarexeon_e5-2643_v4_firmwarexeon_e5-2667_v4_firmwarexeon_e5-2697_v4_firmwarexeon_e5-2428l_v3_firmwarexeon_e5-2643_v3_firmwarexeon_e5-2697_v3_firmwarexeon_e5-2640_v3xeon_e5-2418l_v3_firmwarexeon_e5-2648l_v4_firmwarexeon_e5-2695_v4xeon_e5-2683_v3xeon_e5-2609_v3core_i7-5820k_firmwarexeon_e5-2690_v3_firmwarecore_i7-5930kxeon_e5-2603_v3_firmwarexeon_e5-2630_v4core_i9-10900xcore_i7-7740x_firmwarecore_i7-6900kcore_i7-7820x_firmwarexeon_e5-4667_v4_firmwarecore_i9-9960x_firmwarecore_i9-7900x_firmwarexeon_e5-2408l_v3xeon_e5-4660_v3xeon_e5-2699r_v4core_i7-5820kxeon_e5-2628l_v4core_i7-5960x_firmwarexeon_e5-4610_v4_firmwarecore_i7-3970xcore_i7-6950xxeon_e5-2630_v3xeon_e5-4650_v3xeon_e5-2620_v4xeon_e5-1630_v3xeon_e5-2690_v4xeon_e5-2608l_v4xeon_e5-2609_v4_firmwarecore_i9-10940xxeon_e5-2695_v4_firmwarexeon_e5-1680_v4xeon_e5-2658a_v3xeon_e5-2620_v3_firmwarexeon_e5-2630_v4_firmwarexeon_e5-4669_v3xeon_e5-2438l_v3_firmwarexeon_e5-4627_v4_firmwarexeon_e5-2643_v3core_i9-7900xxeon_e5-2658_v4xeon_e5-2628l_v4_firmwarexeon_e5-4655_v4xeon_e5-2660_v4xeon_e5-4648_v3_firmwarecore_i7-6850kcore_i7-4930mxcore_i7-4940mxxeon_e5-4627_v3_firmwarexeon_e5-4669_v3_firmwarecore_i9-7960x_firmwarecore_i9-7920xxeon_e5-2670_v3xeon_e5-2697a_v4xeon_e5-2658_v4_firmwarexeon_e5-2623_v3core_i9-9960xxeon_e5-4610_v4xeon_e5-2697a_v4_firmwarexeon_e5-2623_v3_firmwarecore_i9-10920xcore_i9-9920xxeon_e5-2648l_v3xeon_e5-2637_v3_firmwarexeon_e5-2637_v4_firmwarexeon_e5-2690_v4_firmwarecore_i5-7640xcore_i7-3930k_firmwarexeon_e5-4640_v3_firmwarexeon_e5-4660_v3_firmwarexeon_e5-2687w_v3_firmwarecore_i9-7940xxeon_e5-2660_v4_firmwarexeon_e5-2618l_v4_firmwarecore_i7-3970x_firmwarecore_i7-4930k_firmwarecore_i9-7960xcore_i9-9820xxeon_e5-2699a_v4_firmwarecore_i7-3820_firmwarexeon_e5-2608l_v3_firmwarexeon_e5-1650_v3_firmwarexeon_e5-2640_v4_firmwarecore_i7-4960x_firmwarexeon_e5-1650_v4xeon_e5-2609_v3_firmwarexeon_e5-2648l_v3_firmwarecore_i7-7820xcore_i7-3930kcore_i9-9900xxeon_e5-2603_v4_firmwarexeon_e5-4627_v4xeon_e5-1680_v3core_i9-10900x_firmwarecore_i7-4930mx_firmwarexeon_e5-4648_v3xeon_e5-2418l_v3core_i7-3820xeon_e5-4669_v4_firmwarecore_i7-3920xm_firmwarexeon_e5-2683_v4_firmwarexeon_e5-1680_v4_firmwarexeon_e5-1620_v3_firmwarexeon_e5-2698_v3xeon_e5-2630l_v3xeon_e5-4620_v3_firmwarexeon_e5-4655_v3core_i9-9920x_firmwarexeon_e5-2608l_v3xeon_e5-4669_v4xeon_e5-1630_v4_firmwarecore_i7-5960xxeon_e5-2699_v4core_i7-7800xxeon_e5-4627_v3xeon_e5-4610_v3xeon_e5-2650_v4xeon_e5-2660_v3xeon_e5-2698_v4core_i9-9820x_firmwarexeon_e5-4628l_v4core_i7-4960xxeon_e5-4667_v3xeon_e5-4620_v3xeon_e5-2408l_v3_firmwarecore_i9-9900x_firmwarexeon_e5-1428l_v3xeon_e5-2658_v3xeon_e5-2687w_v4xeon_e5-2643_v4xeon_e5-4650_v4core_i9-9940x_firmwarecore_i9-10920x_firmwarexeon_e5-2637_v4core_i7-6800k_firmwarecore_i7-4820kcore_i9-10940x_firmwarexeon_e5-2620_v3xeon_e5-2697_v4xeon_e5-2618l_v4xeon_e5-2660_v3_firmwarexeon_e5-4650_v4_firmwarexeon_e5-2680_v4_firmwarexeon_e5-1660_v4xeon_e5-2650l_v4_firmwarexeon_e5-2603_v4xeon_e5-1650_v4_firmwarexeon_e5-2650l_v3_firmwarecore_i7-7740xxeon_e5-4650_v3_firmwarexeon_e5-4667_v4Intel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24818
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-8.24% / 92.41%
||
7 Day CHG~0.00%
Published-13 Apr, 2022 | 20:55
Updated-23 Apr, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unchecked JNDI lookups in GeoTools

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case, the vulnerability can be triggered if the JNDI names are user-provided, but requires admin-level login to be triggered. The lookups are now restricted in GeoTools 26.4, GeoTools 25.6, and GeoTools 24.6. Users unable to upgrade should ensure that any downstream application should not allow usage of remotely provided JNDI strings.

Action-Not Available
Vendor-geotoolsgeotools
Product-geotoolsgeotools
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2020-8721
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 17.65%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:30
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2020-2908
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.16% / 37.07%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-27 Sep, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12299
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.78%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:26
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-s2600wftr_firmwares2600bpbr_firmwares2600wfqrs2600stbrs2600stqr_firmwares2600wftrs2600wf0r_firmwares2600stbr_firmwares2600bpqr_firmwares2600wfqr_firmwares2600stqrs2600wf0rs2600bpsr_firmwares2600bpqrs2600bpbrs2600bpsrIntel(R) Server Board Families Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34086
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.78%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-09 Oct, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_nuc7i3bnhx1nuc_kit_nuc7i5bnkp_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchbnnuc_board_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnkpnuc_rugged_kit_nuc8cchkrnuc_mini_pc_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i3bnhx1nuc_kit_nuc7i5bnbnuc_kit_nuc7i3bnhxfnuc_kit_nuc7i5bnhnuc_board_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i7bnh_firmwarenuc_enthusiast_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_board_nuc7i3bnb_firmwarenuc_enthusiast_nuc7i5bnkpnuc_board_nuc7i5bnhnuc_enthusiast_nuc7i5bnkp_firmwarenuc_board_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i7bnh_firmwarenuc_kit_nuc7i7bnhnuc_board_nuc7i5bnh_firmwarenuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_board_nuc7i5bnhx1_firmwarenuc_board_nuc7i7bnhx1nuc_rugged_kit_nuc8cchbn_firmwarenuc_board_nuc7i7bnb_firmwarenuc_board_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i7bnkq_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i5bnh_firmwarenuc_board_nuc7i7bnhx1_firmwarenuc_mini_pc_nuc7i5bnbnuc_mini_pc_nuc7i7bnbnuc_enthusiast_nuc7i3bnhxf_firmwarenuc_kit_nuc7i5bnhxfnuc_rugged_kit_nuc8cchkr_firmwarenuc_enthusiast_nuc7i3bnh_firmwarenuc_mini_pc_nuc7i5bnhcompute_element_stk2mv64ccnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i7bnhxgnuc_board_nuc7i3bnhxfnuc_kit_nuc7i5bnhx1_firmwarenuc_board_nuc7i5bnhxfnuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_enthusiast_nuc7i3bnhnuc_mini_pc_nuc7i3bnhnuc_enthusiast_nuc7i7bnbnuc_board_nuc7i5bnkp_firmwarenuc_enthusiast_nuc7i7bnhx1nuc_kit_nuc6cays_firmwarenuc_kit_nuc7i7bnkqnuc_mini_pc_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnbnuc_kit_nuc7i5bnkpnuc_board_nuc7i7bnhnuc_kit_nuc7i3bnbnuc_mini_pc_nuc7i3bnbnuc_enthusiast_nuc7i3bnb_firmwarenuc_mini_pc_nuc7i7bnkqnuc_enthusiast_nuc7i7bnb_firmwarenuc_enthusiast_nuc7i7bnkqnuc_mini_pc_nuc7i5bnhxfnuc_kit_nuc7i3bnhxf_firmwarenuc_rugged_kit_nuc8cchkrnnuc_enthusiast_nuc7i5bnk_firmwarenuc_board_nuc7i3bnhnuc_enthusiast_nuc7i3bnbnuc_enthusiast_nuc7i7bnhxgnuc_enthusiast_nuc7i5bnhxfnuc_board_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhxgnuc_kit_nuc7i5bnhx1nuc_mini_pc_nuc7i3bnh_firmwarenuc_enthusiast_nuc7i5bnbnuc_board_nuc7i5bnkpnuc_enthusiast_nuc7i5bnb_firmwarecompute_element_stk2mv64cc_firmwarenuc_mini_pc_nuc7i3bnhx1nuc_board_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnb_firmwarenuc_kit_nuc7i7bnb_firmwarenuc_board_nuc7i3bnhxf_firmwarenuc_mini_pc_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i5bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1_firmwarenuc_kit_nuc6caysnuc_mini_pc_nuc7i5bnknuc_enthusiast_nuc7i5bnknuc_kit_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i5bnhx1_firmwarenuc_mini_pc_nuc7i7bnb_firmwarenuc_mini_pc_nuc7i5bnkp_firmwarenuc_rugged_kit_nuc8cchbnuc_kit_nuc6cayhnuc_enthusiast_nuc7i3bnknuc_board_nuc7i3bnbnuc_board_nuc7i7bnhxgnuc_kit_nuc7i7bnhxg_firmwarenuc_board_nuc7i3bnknuc_kit_nuc7i5bnhxf_firmwarenuc_mini_pc_nuc7i7bnhx1nuc_kit_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhnuc_enthusiast_nuc7i5bnhnuc_enthusiast_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhx1_firmwarenuc_kit_nuc7i7bnhx1_firmwarenuc_enthusiast_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchb_firmwarenuc_board_nuc7i7bnkqnuc_board_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i3bnb_firmwarenuc_board_nuc7i5bnhx1nuc_kit_nuc7i7bnkq_firmwarenuc_mini_pc_nuc7i7bnhx1_firmwarenuc_board_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhnuc_rugged_kit_nuc8cchkrn_firmwarenuc_mini_pc_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i3bnknuc_board_nuc7i5bnknuc_kit_nuc7i5bnb_firmwarenuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbIntel(R) NUC BIOS firmwarebios
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32859
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 14.04%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:39
Updated-19 Sep, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27493
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.09% / 25.00%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_acc-ap_firmwaresipass_integrated_acc-apsipass_integrated_ac5102_\(acc-g2\)SiPass integrated ACC-APSiPass integrated AC5102 (ACC-G2)
CWE ID-CWE-20
Improper Input Validation
CVE-2025-25210
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.90%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-11 Feb, 2026 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Server Firmware Update Utility(SysFwUpdt)
CWE ID-CWE-20
Improper Input Validation
CVE-2024-0126
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 20.03%
||
7 Day CHG~0.00%
Published-26 Oct, 2024 | 08:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Action-Not Available
Vendor-NVIDIA Corporation
Product-GPU, vGPU, and Cloud Gamingcloud_gaming_virtual_gpuvirtual_gpu_managergpu_display_driver
CWE ID-CWE-20
Improper Input Validation
CVE-2023-43758
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.02% / 6.38%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 21:19
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/a
Product-Intel(R) processors
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39191
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.02% / 3.62%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 18:03
Updated-06 Nov, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: ebpf: insufficient stack type checks in dynptr

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.

Action-Not Available
Vendor-Linux Kernel Organization, IncFedora ProjectRed Hat, Inc.
Product-fedoralinux_kernelenterprise_linuxRed Hat Enterprise Linux 9Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • Next
Details not found