16 matches found
CVE-2025-10238
During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products that could allow a privileged local user to execute code in System Management Mode (SMM)...
CVE-2025-58770 TCG2 TPM RT Not Locked Issue
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability...
AZL-72559 CVE-2025-2296 affecting package hvloader for versions less than 1.0.1-15
EDK2 contains a vulnerability in BIOS where an attacker may cause “Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
Linux Distros Unpatched Vulnerability : CVE-2025-3770
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Protection Mechanism Failure by local access. Successful exploitation of this vulnerability wi...
AZL-66122 CVE-2025-3770 affecting package hvloader for versions less than 1.0.1-14
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
CVE-2023-22444
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware...
CVE-2023-0202
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...
CVE-2022-3742
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation...
CVE-2022-34657
Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-28039
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...
NVIDIA DGX Security Vulnerability
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in the NVIDIA DGX A100 SBIOS prior to version 1.18, which stems from an attacker being able to modify arbitrary memory in SMRAM by utilizing the NVME SMM API, which could resul...
CVE-2022-34376
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM...
HP PC Security Vulnerability
HP PC is a computer product of the Hewlett-Packard (HP) Company, USA. The HP PC has a security vulnerability that originates from a potential flaw in the system BIOS, which could be exploited by an attacker to cause arbitrary code execution, privilege escalation, denial of service, and information...
CVE-2022-34399
Dell Alienware m17 R5 BIOS versions prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM...
CVE-2022-26862
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM...
Intel Processors Buffer Error Vulnerability
Intel Processors are a family of processors from the U.S.-based Intel Corporation. Intel Processors suffer from a buffer error vulnerability that stems from a potential security flaw in the BIOS firmware of Intel processors. An attacker could exploit the vulnerability to cause privilege...