R Security Vulnerabilities
A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then...
8.8CVSS
8.3AI Score
0.001EPSS
A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only...
6.5CVSS
6.4AI Score
0.0005EPSS
Improper Authentication vulnerability in B&R Industrial Automation B&R VC4 (VNC-Server modules). This vulnerability may allow an unauthenticated network-based attacker to bypass the authentication mechanism of the VC4 visualization on affected devices. The impact of this vulnerability depends on...
9.8CVSS
9.6AI Score
0.002EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before...
5.3CVSS
5.2AI Score
0.02EPSS
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit...
7.8CVSS
7.8AI Score
0.0004EPSS
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on.....
6.8CVSS
5.9AI Score
0.002EPSS
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker...
6.5CVSS
6.5AI Score
0.001EPSS
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web...
7.5CVSS
7.5AI Score
0.003EPSS
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...
7.8CVSS
7.8AI Score
0.0004EPSS
Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network...
5.3CVSS
5.6AI Score
0.0004EPSS
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local...
7.3CVSS
7.3AI Score
0.0004EPSS
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.2AI Score
0.0004EPSS
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local...
6CVSS
4.2AI Score
0.0004EPSS
Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local...
6CVSS
4.5AI Score
0.0004EPSS
Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.9AI Score
0.0004EPSS
Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
7.4AI Score
0.001EPSS
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local...
6.1CVSS
4.3AI Score
0.0004EPSS
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
6.4AI Score
0.0004EPSS
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.9AI Score
0.0004EPSS
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network...
7.2CVSS
7.3AI Score
0.001EPSS
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network...
9.8CVSS
9.6AI Score
0.002EPSS
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local...
8.4CVSS
7.8AI Score
0.0004EPSS
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network...
6.5CVSS
6.2AI Score
0.001EPSS
Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local...
6.5CVSS
5.3AI Score
0.0004EPSS
Improper conditions check in the Open CAS software maintained by Intel(R) before version 22.3.1 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network...
9.8CVSS
9.6AI Score
0.002EPSS
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local...
7.3CVSS
7.3AI Score
0.0004EPSS
Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local...
7.5CVSS
7AI Score
0.0004EPSS
Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local...
6CVSS
4.5AI Score
0.0004EPSS
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local...
8.2CVSS
7.7AI Score
0.0004EPSS
Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
7.5CVSS
6.5AI Score
0.0004EPSS
Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local...
4.4CVSS
4.5AI Score
0.0004EPSS