CVE-2016-8224

MEDIUM Year: 2016
CVSS v3 Score
4.4
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-310
View all →

Vulnerability Description

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.

Related Vulnerabilities

CVE-2020-3389

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the installation component of Cisco Hyperflex HX-Series Software could allow an authenticated, local attacker to retrieve the password that was configured at installation on an affe...

CWE-3102020

CVE-2016-10376

MEDIUM
CVSS:4.5(Medium)

Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted...

CWE-3102016

CVE-2016-2053

MEDIUM
CVSS:4.7(Medium)

The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to misha...

CWE-3102016

CVE-2020-8150

MEDIUM
CVSS:4.1(Medium)

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.

CWE-3102020

CVE-2021-41993

MEDIUM
CVSS:4.8(Medium)

A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

CWE-3102021

CVE-2021-41994

MEDIUM
CVSS:4.8(Medium)

A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

CWE-3102021