Export limit exceeded: 361070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361070 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11098 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 6.8 Medium |
| Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. | ||||
| CVE-2019-11097 | 1 Intel | 1 Trusted Execution Engine Firmware | 2024-11-21 | 7.8 High |
| Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-11096 | 2 Intel, Microsoft | 2 Ethernet I218 Adapter Driver, Windows 10 | 2024-11-21 | 5.5 Medium |
| Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2019-11095 | 1 Intel | 1 Driver \& Support Assistant | 2024-11-21 | N/A |
| Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2019-11094 | 1 Intel | 20 Nuc Kit D33217gke, Nuc Kit D53427rke, Nuc Kit D54250wyb and 17 more | 2024-11-21 | N/A |
| Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. | ||||
| CVE-2019-11093 | 1 Intel | 1 Scs Discovery Utility | 2024-11-21 | N/A |
| Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-11092 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2024-11-21 | 4.4 Medium |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2019-11090 | 1 Intel | 3 Platform Trust Technology Firmware, Server Platform Services Firmware, Trusted Execution Engine Firmware | 2024-11-21 | 5.9 Medium |
| Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | ||||
| CVE-2019-11089 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2024-11-21 | 5.5 Medium |
| Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2019-11088 | 1 Intel | 1 Active Management Technology Firmware | 2024-11-21 | 8.8 High |
| Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2019-11087 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2024-11-21 | 6.7 Medium |
| Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | ||||
| CVE-2019-11086 | 1 Intel | 1 Active Management Technology Firmware | 2024-11-21 | 6.8 Medium |
| Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2019-11085 | 2 Intel, Redhat | 9 I915, I915 Firmware, Enterprise Linux and 6 more | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-11084 | 1 Gbraad | 1 Gauth | 2024-11-21 | N/A |
| GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies. | ||||
| CVE-2019-11082 | 1 Dkpro-core Project | 1 Dkpro-core | 2024-11-21 | N/A |
| core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. | ||||
| CVE-2019-11081 | 1 Dentsplysirona | 1 Sidexis | 2024-11-21 | N/A |
| A default username and password in Dentsply Sirona Sidexis 4.3.1 and earlier allows an attacker to gain administrative access to the application server. | ||||
| CVE-2019-11080 | 1 Sitecore | 1 Experience Platform | 2024-11-21 | N/A |
| Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object. | ||||
| CVE-2019-11078 | 1 Mkcms Project | 1 Mkcms | 2024-11-21 | N/A |
| MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI. | ||||
| CVE-2019-11077 | 1 Fastadmin | 1 Fastadmin | 2024-11-21 | 8.8 High |
| FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | ||||
| CVE-2019-11076 | 1 Cribl | 1 Cribl | 2024-11-21 | N/A |
| Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request. | ||||