Filtered by vendor
Subscriptions
Total
12496 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-1466 | 2024-11-18 | 5.4 Medium | ||
A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete bounds checks for data that is provided to the vDaemon service of an affected system. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could allow the attacker to cause the vDaemon listening service to reload and result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
CVE-2021-34752 | 1 Cisco | 1 Firepower Threat Defense Software | 2024-11-18 | 6.7 Medium |
A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute commands with root privileges on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
CVE-2024-0793 | 1 Redhat | 1 Openshift | 2024-11-18 | 7.7 High |
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn. | ||||
CVE-2021-1465 | 2024-11-18 | 4.3 Medium | ||
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to write arbitrary files on the affected system. | ||||
CVE-2021-1462 | 2024-11-18 | N/A | ||
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system. The vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to an affected system with an Administrator account and creating a malicious file, which the system would parse at a later time. A successful exploit could allow the attacker to obtain root privileges on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
CVE-2024-33031 | 1 Qualcomm | 32 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 29 more | 2024-11-16 | 6.7 Medium |
Memory corruption while processing the update SIM PB records request. | ||||
CVE-2024-23386 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2024-11-16 | 6.7 Medium |
memory corruption when WiFi display APIs are invoked with large random inputs. | ||||
CVE-2024-8755 | 1 Kemptechnologies | 1 Loadmaster | 2024-11-16 | 8.4 High |
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive) From 7.2.49.0 to 7.2.54.12 (inclusive) 7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive) | ||||
CVE-2024-21949 | 1 Amd | 1 Ryzen Ai Software | 2024-11-15 | 5.5 Medium |
Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. | ||||
CVE-2024-21974 | 1 Amd | 1 Ryzen Ai Software | 2024-11-15 | 8.8 High |
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | ||||
CVE-2024-21975 | 1 Amd | 1 Ryzen Ai Software | 2024-11-15 | 8.8 High |
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | ||||
CVE-2024-36282 | 1 Intel | 1 Server Board S2600st Firmware | 2024-11-15 | 8.2 High |
Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
CVE-2024-36284 | 1 Intel | 1 Neural Compressor Software | 2024-11-15 | 5.5 Medium |
Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | ||||
CVE-2024-32048 | 2024-11-15 | 6.5 Medium | ||
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
CVE-2024-32485 | 1 Intel | 1 Vroc Software | 2024-11-15 | 3.9 Low |
Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. | ||||
CVE-2024-28028 | 1 Intel | 1 Neural Compressor Software | 2024-11-15 | 7.5 High |
Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
CVE-2024-28049 | 2024-11-15 | 5.7 Medium | ||
Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access. | ||||
CVE-2024-39811 | 1 Intel | 1 M20ntp Firmware | 2024-11-15 | 6.3 Medium |
Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
CVE-2024-37027 | 2024-11-15 | 6.1 Medium | ||
Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access. | ||||
CVE-2024-24984 | 2024-11-15 | 6.5 Medium | ||
Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |