Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-9195

Summary
Assigner-Solidigm
Assigner Org ID-f946a70c-00eb-42ce-8e9b-634d1f7b5a6f
Published At-28 Aug, 2025 | 18:01
Updated At-28 Aug, 2025 | 18:32
Rejected At-
Credits

Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Solidigm
Assigner Org ID:f946a70c-00eb-42ce-8e9b-634d1f7b5a6f
Published At:28 Aug, 2025 | 18:01
Updated At:28 Aug, 2025 | 18:32
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service

Affected Products
Vendor
Solidigm
Product
D7-PS1010/D7-PS1030
Default Status
unaffected
Versions
Affected
  • G75YG100 / G75YG150 (PRQ3 CPC)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-113CAPEC-113 Interface Manipulation
CAPEC ID: CAPEC-113
Description: CAPEC-113 Interface Manipulation
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.solidigm.com/support-page/support-security.html
N/A
Hyperlink: https://www.solidigm.com/support-page/support-security.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:f946a70c-00eb-42ce-8e9b-634d1f7b5a6f
Published At:28 Aug, 2025 | 18:15
Updated At:28 Aug, 2025 | 18:15

Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Secondaryf946a70c-00eb-42ce-8e9b-634d1f7b5a6f
CWE ID: CWE-20
Type: Secondary
Source: f946a70c-00eb-42ce-8e9b-634d1f7b5a6f
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.solidigm.com/support-page/support-security.htmlf946a70c-00eb-42ce-8e9b-634d1f7b5a6f
N/A
Hyperlink: https://www.solidigm.com/support-page/support-security.html
Source: f946a70c-00eb-42ce-8e9b-634d1f7b5a6f
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

24Records found
CVE-2024-47974
Matching Score-8
Assigner-Solidigm
ShareView Details
Matching Score-8
Assigner-Solidigm
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 5.00%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 20:50
Updated-11 Dec, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Action-Not Available
Vendor-Solidigm
Product-D7-P5620D7-P5500D7-P5520D7-P5600D7-P5510
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-47967
Matching Score-8
Assigner-Solidigm
ShareView Details
Matching Score-8
Assigner-Solidigm
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 9.49%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 21:06
Updated-11 Dec, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Action-Not Available
Vendor-Solidigm
Product-D7-P5620D7-P5500D7-P5520D7-P5600D7-P5510
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-24496
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.09%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x722-da2_firmwareethernet_network_adapter_x722-da4_firmwareethernet_network_adapter_x722-da2ethernet_network_adapter_x722-da4Intel(R) 722 Ethernet Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24505
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.09%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:42
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x710-da2_for_ocp_3.0ethernet_network_adapter_x710-t4ethernet_network_adapter_xl710-qda1ethernet_network_adapter_xxv710-da2tethernet_network_adapter_xl710-qda2_for_open_compute_projectethernet_network_adapter_xl710-bm1ethernet_network_adapter_x710-am2ethernet_network_adapter_x710-t2lethernet_network_adapter_xxv710-da1_for_ocpethernet_network_adapter_x722-da2ethernet_network_adapter_xxv710-am2ethernet_network_adapter_v710-at2ethernet_network_adapter_x710-tm4ethernet_network_adapter_xxv710-dax_for_ocpethernet_network_adapter_x722-da4ethernet_network_adapter_x710-da4_for_ocp_3.0ethernet_network_adapter_x710-da2ethernet_network_adapter_x710-da2_for_ocpethernet_network_adapter_x710-da4ethernet_network_adapter_x710-bm2ethernet_network_adapter_xl710-am1ethernet_network_adapter_xxv710-da1ethernet_network_adapter_x710-t2l_for_ocp_3.0ethernet_network_adapter_xl710-am2ethernet_network_adapter_xl710-qda1_for_open_compute_projectethernet_network_adapter_xxv710-da2ethernet_network_adapter_x710-t4lethernet_network_adapter_700_firmwareethernet_network_adapter_x710-at2ethernet_network_adapter_xlk710-qda2ethernet_network_adapter_xxv710-am1ethernet_network_adapter_xl710-bm2ethernet_network_adapter_x710-t4l_for_ocp_3.0Intel(R) 700-series of Ethernet Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25520
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.99%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 17:23
Updated-07 Nov, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.

Action-Not Available
Vendor-NVIDIA Corporation
Product-jetson_agx_xavierjetson_tx2_nxjetson_tx2jetson_linuxjetson_xavier_nxJetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20560
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.72%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 21:08
Updated-08 Oct, 2024 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.Microsoft Corporation
Product-ryzen_master_monitoring_sdkwindows_11ryzen_masterwindows_10Ryzen™ Master
CWE ID-CWE-20
Improper Input Validation
CVE-2022-47353
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.61%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 01:16
Updated-27 Oct, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t820t770t610androids8000t760t618T610/T618/T760/T770/T820/S8000
CWE ID-CWE-20
Improper Input Validation
CVE-2016-7907
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-05 Oct, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-22390
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-01 Aug, 2024 | 22:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may allow denial of service.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) FPGA productsagilex_7_fpga_f-series_023_firmwareagilex_7_fpga_f-series_006_firmwareagilex_7_fpga_f-series_008_firmwareagilex_7_fpga_f-series_019_firmwareagilex_7_fpga_i-series_023_firmwareagilex_7_fpga_i-series_022_firmwareagilex_7_fpga_i-series_019_firmwareagilex_7_fpga_i-series_035_firmwareagilex_7_fpga_i-series_040_firmwareagilex_7_fpga_f-series_022_firmwareagilex_7_fpga_i-series_041_firmwareagilex_7_fpga_f-series_012_firmwareagilex_7_fpga_f-series_027_firmwareagilex_7_fpga_i-series_027_firmwareagilex_7_fpga_f-series_014_firmwareagilex_7_fpga_m-series_039_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3786
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 29.52%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_t14sthinkpad_x13_yoga_gen_1thinkpad_l460_firmwarethinkpad_p17_gen_1thinkpad_11e_4th_gen_firmwarethinkpad_e490thinkpad_x1_fold_gen_1thinkpad_p51sthinkpad_p53thinkpad_x1_carbon_3rd_genthinkpad_p72_firmwarethinkpad_x12_detachable_gen_1_firmwarethinkpad_l590thinkpad_l460thinkpad_p52thinkpad_l13_yoga_gen_2_firmwarethinkpad_p70thinkpad_13_gen_2thinkpad_e470_firmwarethinkpad_x1_carbon_gen_8thinkpad_t460pthinkpad_p1thinkpad_e15_firmwarethinkpad_x1_tablet_firmwarethinkpad_t14s_firmwarethinkpad_l380_yoga_firmwarethinkpad_x280thinkpad_x390thinkpad_s540thinkpad_t15g_gen_1thinkpad_l470_firmwareideapad_yoga_s940-14iwlthinkpad_x1_carbon_3rd_gen_firmwarethinkpad_t490_firmwarethinkpad_l380_firmwarethinkpad_t15_firmwarethinkpad_t560_firmwarethinkpad_t580thinkpad_l390_yogathinkpad_t15p_gen_1_firmwarethinkpad_s5_2nd_gen_firmwarethinkpad_x1_carbon_gen_6_firmwarethinkpad_t570_firmwarethinkpad_yoga_11e_5th_genthinkpad_x1_carbon_5th_gen_kabylakethinkpad_t15p_gen_1thinkpad_x1_extreme_gen_3thinkpad_l570_firmwarethinkpad_x380_yoga_firmwarev330-15iskthinkpad_l13_yogathinkpad_11e_yoga_gen_6_firmwarethinkpad_s540_firmwarethinkpad_x1_yoga_4th_genthinkpad_t15g_gen_1_firmwarethinkpad_p52_firmwarethinkpad_x1_carbon_gen_6thinkpad_t580_firmwarethinkpad_e15v130-15igm_firmwarethinkpad_e15_gen_3_firmwarethinkpad_e14_gen_3_firmwarethinkpad_t460sthinkpad_11e_3rd_genthinkpad_x390_yogathinkpad_e570thinkpad_x1_carbon_gen_8_firmwarethinkpad_s5_2nd_genthinkpad_p14s_gen_1thinkpad_x1_yoga_3rd_gen_firmwarethinkpad_x1_extreme_firmwarethinkpad_11e_4th_genthinkpad_x13_gen_1_firmwarethinkpad_25_firmwarethinkpad_yoga_11e_5th_gen_firmwarethinkpad_e580thinkpad_p1_gen_3thinkpad_l13_gen_2thinkpad_x1_tablet_gen_3_firmwarethinkpad_p71thinkpad_x1_titanium_firmwarethinkpad_10_firmwarethinkpad_t14s_gen_2_firmwarethinkpad_e480_firmwarethinkpad_p51s_firmwarethinkpad_x250thinkpad_x1_carbon_gen_7ideapad_s940-14iwlthinkpad_t460_firmwarethinkpad_t460s_firmwarethinkpad_p15s_gen_2_firmwarethinkpad_x270_firmwarethinkpad_x1_carbon_5th_gen_skylake_firmwarethinkpad_s2_yoga_gen_6_firmwarethinkpad_x12_detachable_gen_1thinkpad_p1_gen_3_firmwarethinkpad_helix_firmwarethinkpad_l490thinkpad_t480s_firmwarethinkpad_p71_firmwarethinkpad_x1_carbon_5th_gen_skylakethinkpad_x1_tablet_gen_3thinkpad_l590_firmwarethinkpad_e15_gen_2_firmwarethinkpad_e15_gen_2thinkpad_l15thinkpad_t15_gen_2thinkpad_x1_titaniumthinkpad_l560_firmwarethinkpad_x260thinkpad_x1_nano_gen_1_firmwarethinkpad_11e_3rd_gen_firmwarethinkpad_p14s_gen_2thinkpad_e15_gen_3thinkpad_x250_firmwarethinkpad_p15v_gen_1_firmwarethinkpad_p53s_firmwarethinkpad_p15_gen_1v130-15igmthinkpad_x1_extreme_2ndthinkpad_t470_firmwarethinkpad_p52sthinkpad_13_gen_2_firmwarethinkpad_l13_yoga_firmwarethinkpad_t480_firmwarethinkpad_p50_firmwarethinkpad_25thinkpad_e580_firmwarethinkpad_x260_firmwarethinkpad_e590_firmwarethinkpad_t570thinkpad_l560thinkpad_t490thinkpad_x280_firmwarethinkpad_x1_yoga_1st_gen_firmwarethinkpad_t590thinkpad_t550thinkpad_p73_firmwarethinkpad_x1_tabletthinkpad_x1_carbon_5th_gen_kabylake_firmwarethinkpad_w550sthinkpad_l480thinkpad_x1_carbon_gen_7_firmwarethinkpad_t460thinkpad_x390_firmwarethinkpad_l390_yoga_firmwarethinkpad_s2_yoga_gen_6thinkpad_x270thinkpad_x1_yoga_gen_5_firmwarethinkpad_l580_firmwarethinkpad_t14_gen_2_firmwarethinkpad_e14_gen_2thinkpad_10ideapad_s940-14iwl_firmwarethinkpad_p50s_firmwarethinkpad_yoga_370thinkpad_p15s_gen_1_firmwarethinkpad_x13_yoga_gen_1_firmwarethinkpad_t440p_firmwarethinkpad_l470thinkpad_e570_firmwarethinkpad_t440pthinkpad_yoga_15thinkpad_l15_gen_2thinkpad_x390_yoga_firmwarethinkpad_p15v_gen_1thinkpad_l380thinkpad_t590_firmwarethinkpad_yoga_11e_4th_gen_firmwarethinkpad_x1_extremethinkpad_l490_firmwarethinkpad_yoga_11e_3rd_gen_firmwarethinkpad_x1_tablet_gen_2_firmwarethinkpad_p1_gen_2_firmwarethinkpad_t460p_firmwarethinkpad_l13_firmwarethinkpad_p52s_firmwarethinkpad_x13_gen_2thinkpad_l15_gen_2_firmwarethinkpad_x1_carbon_4th_gen_firmwarethinkpad_t550_firmwarethinkpad_l13_gen_2_firmwarethinkpad_e590thinkpad_x1_yoga_3rd_genthinkpad_e14_gen_3thinkpad_x13_gen_1thinkpad_s2_gen_6thinkpad_x1_nano_gen_1thinkpad_p1_firmwarethinkpad_t15thinkpad_p15_gen_1_firmwarethinkpad_p14s_gen_2_firmwarethinkpad_p15s_gen_1v330-15ikb_firmwarethinkpad_t14s_gen_2thinkpad_x1_yoga_gen_5thinkpad_x380_yogathinkpad_l480_firmwarethinkpad_p53sthinkpad_t480sthinkpad_x13_yoga_gen_2thinkpad_x1_extreme_2nd_firmwarethinkpad_p51_firmwarethinkpad_e14ideapad_yoga_s940-14iwl_firmwarethinkpad_l13_yoga_gen_2thinkpad_l570thinkpad_x1_yoga_4th_gen_firmwarethinkpad_p43sthinkpad_l390_firmwarethinkpad_t490s_firmwarethinkpad_l14_firmwarethinkpad_t14_gen_2thinkpad_x1_extreme_gen_3_firmwarethinkpad_t470s_firmwarethinkpad_p14s_gen_1_firmwarethinkpad_l580thinkpad_p50thinkpad_x1_tablet_gen_2v330-15ikbthinkpad_s2_gen_6_firmwarethinkpad_x13_yoga_gen_2_firmwarethinkpad_p1_gen_2thinkpad_t470p_firmwarethinkpad_11e_yoga_gen_6thinkpad_x13_gen_2_firmwarethinkpad_e490_firmwarethinkpad_p70_firmwarethinkpad_t560thinkpad_e14_gen_2_firmwarethinkpad_t470thinkpad_x1_carbon_4th_genthinkpad_p17_gen_1_firmwarethinkpad_yoga_11e_3rd_genthinkpad_l390thinkpad_t15_gen_2_firmwarethinkpad_p53_firmwarethinkpad_p50sthinkpad_x1_yoga_1st_genv330-15isk_firmwarethinkpad_l15_firmwarethinkpad_e480thinkpad_yoga_260thinkpad_p51thinkpad_l380_yogathinkpad_x1_fold_gen_1_firmwarethinkpad_l14thinkpad_l13thinkpad_t490sthinkpad_p73thinkpad_e470thinkpad_yoga_11e_4th_genthinkpad_yoga_15_firmwarethinkpad_t470sthinkpad_p72thinkpad_t14_gen_1thinkpad_yoga_260_firmwarethinkpad_t470pthinkpad_helixthinkpad_t14_gen_1_firmwarethinkpad_w550s_firmwarethinkpad_e14_firmwarethinkpad_yoga_370_firmwarethinkpad_p15s_gen_2thinkpad_t480thinkpad_p43s_firmwareNotebook and ThinkPad BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0176
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.13% / 33.80%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0051
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.51%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:02
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-c629c624ac621c627atom_p5931bserver_platform_servicesatom_p5962bc626c624atom_p5942bc627ac629ac622c625atom_p5921bc628Intel(R) SPS versions
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0165
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.13% / 33.80%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24925
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.46%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2025-54636
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.68%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:32
Updated-11 Aug, 2025 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosEMUIHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39411
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 14.59%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38719
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-16 Oct, 2023 | 23:05
Updated-13 Feb, 2025 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607.

Action-Not Available
Vendor-opengroupLinux Kernel Organization, IncMicrosoft CorporationIBM Corporation
Product-windowsunixdb2linux_kernelDb2 for Linux, UNIX and Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34424
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.13%
||
7 Day CHG-0.02%
Published-14 Aug, 2024 | 13:45
Updated-14 Aug, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/a
Product-Intel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2024-51741
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 22.39%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 21:20
Updated-06 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Redis allows denial-of-service due to malformed ACL selectors

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

Action-Not Available
Vendor-Redis Inc.
Product-redis
CWE ID-CWE-20
Improper Input Validation
CVE-2022-38102
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.01% / 1.63%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_n3010atom_x6212receleron_j1750atom_x6211eceleron_n2840atom_x6214repentium_j6426celeron_n2808pentium_j2850celeron_j4025celeron_n2910pentium_j4205celeron_n2930h570pentium_n3510celeron_j6413c256celeron_n3350hm570celeron_n3050celeron_j1850celeron_n6210pentium_n3700w680celeron_n2920atom_x6413eceleron_n3000celeron_n2807pentium_n3520atom_x6425eceleron_n2815pentium_j3710pentium_j2900q570qm580celeron_j3060h510c252q670eceleron_n3160celeron_n6211converged_security_management_engine_firmwareceleron_n2940h670rm590eceleron_n5105pentium_n3530celeron_j3455pentium_n3540z690celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n4500atom_x6425receleron_n2820wm690pentium_n6415atom_x6427feceleron_n3450qm580eceleron_n5100h610celeron_n4020celeron_j4105pentium_n3710celeron_j3160celeron_j6412celeron_n3150b560celeron_n2810celeron_n4100celeron_j1800atom_x6200feceleron_n2805atom_x6416receleron_n2806celeron_j1900celeron_n3060z590r680eq670celeron_n4505h610ewm590celeron_j4005b660hm670celeron_j3355pentium_n4200celeron_n4120celeron_n3350ew580celeron_j3355eatom_x6414receleron_j4125hm570eIntel(R) Converged Security and Management Engine
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0350
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.67%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 17:10
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05342338.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0199
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.16%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:17
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for the Intel(R) Ethernet Network Controller E810 before version 1.6.0.6 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_controller_e810-cam1_firmwareethernet_network_controller_e810-cam1ethernet_network_controller_e810-cam2_firmwareethernet_network_controller_e810-xxvam2ethernet_network_controller_e810-cam2ethernet_network_controller_e810-xxvam2_firmwareIntel(R) Ethernet Network Controller E810
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0083
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.51%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:47
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Optane(TM) PMem versions before versions 1.2.0.5446 or 2.2.0.1547 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6246rxeon_platinum_8276lxeon_platinum_8358xeon_w-2223xeon_platinum_9222xeon_gold_5315yxeon_w-11865mrexeon_w-3245mxeon_gold_5217xeon_gold_6230txeon_platinum_8362xeon_gold_6230nxeon_w-3225xeon_platinum_8354hxeon_w-3265xeon_gold_5218nxeon_w-3245xeon_gold_6338xeon_w-1370xeon_w-2125xeon_silver_4309yxeon_platinum_8352yxeon_platinum_8368xeon_gold_5220xeon_gold_6246xeon_w-2295xeon_silver_4214rxeon_gold_6326xeon_gold_6254xeon_silver_4310txeon_gold_6240yxeon_gold_6234optane_persistent_memory_firmwarexeon_platinum_8380xeon_gold_6238rxeon_silver_4316xeon_platinum_8351nxeon_w-1250xeon_w-1250texeon_w-2255xeon_gold_6208uxeon_w-11555mlexeon_platinum_8268xeon_gold_5215xeon_platinum_8352vxeon_gold_6336yxeon_w-1290exeon_gold_6262vxeon_gold_5222xeon_w-3275xeon_w-1390txeon_gold_5218xeon_w-1270xeon_silver_4209txeon_w-1270exeon_platinum_8380hxeon_gold_5215lxeon_platinum_8360hlxeon_silver_4215rxeon_gold_6252nxeon_platinum_9221xeon_w-2245xeon_platinum_8376hxeon_gold_6244xeon_gold_6330xeon_silver_4210txeon_gold_6248xeon_gold_6212uxeon_w-1270texeon_w-1370pxeon_gold_6314uxeon_platinum_8280xeon_gold_6248rxeon_w-11155mrexeon_w-3335xeon_gold_6354xeon_gold_6258rxeon_w-1290txeon_gold_6240xeon_gold_6238lxeon_platinum_8352mxeon_gold_6240lxeon_gold_6250xeon_platinum_8353hxeon_w-11865mlexeon_platinum_8256xeon_gold_6348hxeon_w-2155xeon_w-11855mxeon_gold_6330hxeon_w-1290pxeon_w-3265mxeon_w-2135xeon_gold_6222vxeon_gold_5318hxeon_w-11155mlexeon_platinum_8376hlxeon_gold_6242xeon_w-2265xeon_gold_5320hxeon_w-2145xeon_gold_5320xeon_platinum_8360yxeon_platinum_8274xeon_w-10855mxeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6338txeon_gold_6346xeon_gold_5218txeon_silver_4215xeon_w-2235xeon_w-11555mrexeon_gold_5220rxeon_w-11955mxeon_gold_5318sxeon_gold_6338nxeon_silver_4214xeon_platinum_8276xeon_platinum_8360hxeon_w-1390pxeon_gold_6238txeon_w-1270pxeon_silver_4210rxeon_gold_6250lxeon_silver_4214yxeon_gold_6210uxeon_gold_6348xeon_gold_6330nxeon_gold_5218bxeon_w-1350xeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_w-1250exeon_w-1290xeon_w-3345xeon_w-3375xeon_platinum_8368qxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_w-10885mxeon_w-2195xeon_silver_4310xeon_w-1390xeon_w-3365xeon_gold_5317xeon_gold_6334xeon_w-2275xeon_w-1290texeon_platinum_8356hxeon_gold_6209uxeon_w-3223xeon_gold_6226xeon_gold_6256xeon_w-1350pxeon_gold_6342xeon_w-3323xeon_gold_6230rxeon_w-3175xxeon_gold_6238xeon_gold_6252xeon_w-1250pxeon_w-3235xeon_gold_5320txeon_silver_4208xeon_platinum_8260xeon_platinum_8352sxeon_gold_5318yxeon_gold_5218rxeon_bronze_3206rxeon_gold_6226rxeon_w-2225xeon_gold_6312uxeon_gold_6328hxeon_w-2123xeon_gold_5220sxeon_w-2133xeon_w-3275mxeon_platinum_9242xeon_platinum_9282xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204xeon_gold_6328hlxeon_silver_4314xeon_w-2175xeon_gold_5220txeon_silver_4210Intel(R) Optane(TM) PMem versions
CWE ID-CWE-20
Improper Input Validation
CVE-2024-31227
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.08%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 19:51
Updated-26 Aug, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-service due to malformed ACL selectors in Redis

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-Redis Inc.
Product-redisredis
CWE ID-CWE-20
Improper Input Validation
Details not found