VYPR

Products

by Duendesoftware

Source repositories

CVEs (13)

  • CVE-2023-5410HigMar 12, 2024
    risk 0.53cvss 8.2epss 0.00

    A potential security vulnerability has been reported in the system BIOS of certain HP PC products, which might allow memory tampering. HP is releasing mitigation for the potential vulnerability.

  • CVE-2021-3808HigFeb 1, 2023
    risk 0.51cvss 7.8epss 0.00

    Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.

  • CVE-2024-47975HigOct 7, 2024
    risk 0.46cvss 7.0epss 0.00

    Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enable denial of service.

  • CVE-2024-47976MedOct 7, 2024
    risk 0.44cvss 6.7epss 0.00

    Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.

  • CVE-2024-47969MedOct 7, 2024
    risk 0.40cvss 6.2epss 0.00

    Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

  • CVE-2025-12902MedNov 7, 2025
    risk 0.29cvss 4.4epss 0.00

    Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked Storage Device or create a Denial of Service.

  • CVE-2025-12896MedNov 7, 2025
    risk 0.29cvss 4.4epss 0.00

    Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain un-authorized access to a locked storage device.

  • CVE-2025-9195MedAug 28, 2025
    risk 0.29cvss 4.4epss 0.00

    Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service

  • CVE-2024-47974MedOct 7, 2024
    risk 0.29cvss 4.4epss 0.00

    Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service.

  • CVE-2024-47967MedOct 7, 2024
    risk 0.29cvss 4.4epss 0.00

    Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

  • CVE-2024-47972MedOct 7, 2024
    risk 0.26cvss 4.0epss 0.00

    Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.

  • CVE-2024-39694MedJul 31, 2024
    risk 0.24cvss 4.7epss 0.01

    Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious Urls that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a Url is returned as a redirect, some…

  • CVE-2024-49755LowOct 28, 2024
    risk 0.13cvss 3.1epss 0.00

    Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP access tokens at local api…