Security Vulnerabilities - CVEs Published In 2019
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-14
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
CVSS Score
6.0
EPSS Score
0.001
Published
2019-11-14
eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.
CVSS Score
9.8
EPSS Score
0.301
Published
2019-11-14
eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.
CVSS Score
9.8
EPSS Score
0.301
Published
2019-11-14
eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.
CVSS Score
9.8
EPSS Score
0.301
Published
2019-11-14
Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-11-14
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-11-14
Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-14
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-14