Show filters
133 Total Results
Displaying 41-50 of 133
Sort by:
Attacker Value
Unknown

CVE-2023-0811

Disclosure Date: March 16, 2023 (last updated November 08, 2023)
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
Attacker Value
Unknown

CVE-2022-40137

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Attacker Value
Unknown

CVE-2022-40136

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Attacker Value
Unknown

CVE-2022-40135

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Attacker Value
Unknown

CVE-2022-40134

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Attacker Value
Unknown

CVE-2022-41783

Disclosure Date: December 07, 2022 (last updated February 24, 2025)
tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service (DoS) condition of the product's OneMesh function.
Attacker Value
Unknown

CVE-2021-4211

Disclosure Date: April 22, 2022 (last updated February 23, 2025)
A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Attacker Value
Unknown

CVE-2021-4210

Disclosure Date: April 22, 2022 (last updated February 23, 2025)
A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Attacker Value
Unknown

CVE-2021-44262

Disclosure Date: March 17, 2022 (last updated February 23, 2025)
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information for the device.
Attacker Value
Unknown

CVE-2019-19415

Disclosure Date: July 08, 2020 (last updated February 21, 2025)
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.