5587 matches found
CVE-2026-40639
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-40639
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability (CVE-2026-40639). Affected software: Dell Client Platform BIOS. Root cause: weak encoding for password storage/verification. Impact: unauthenticated attacker with physical access could achieve Elevation of Privileges, w...
Multi-Vendor BIOS Security Vulnerabilities (June 2026) - Lenovo Support US
No description provided...
Dell Client Platform BIOS 安全漏洞
Dell Client Platform BIOS is a client platform BIOS developed by the American company Dell. There is a security vulnerability in Dell Client Platform BIOS, which stems from weak password encoding. This vulnerability could allow unverified attackers with physical access to escalate their privilege...
PT-2026-48215
Name of the Vulnerable Software and Affected Versions Dell Client Platform BIOS affected versions not specified Latitude E7250 Latitude 7490 XPS 15 9560 Wyse 5070 Description An unauthenticated attacker with physical access to the SPI flash chip or an attacker-controlled OS boot can recover BIOS...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046 Out-of-bounds write in Napoca BIOS INT 0x15 E820 memory map handler (VA-13905)
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-10046
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write in the BIOS INT 0x15 / E820 memory map handler (napoca/guests/bios_handlers.c). The handler derives a destination offset into the guest RealModeMemory from guest-controlled ES and EDI without validating the address against t...
PT-2026-45766
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
CVE-2026-24216
NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: x86-android-tablets: Fixed a problem where the touchscreen function was not working properly on the Chuwi Hi8 when using the Windows BIOS. The handling of touchscreen operations for the Chuwi Hi8 is only necessary...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: APEI/GHES: ARM processor Error: Do not go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size. Add...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: hp-bioscfg: Fixed warnings regarding empty attribute names in kobjects. The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fixed a memory leak in generatelfpdataptrs When size != 0 || ptrs-lvdsentries != 3, the program attempts to use free on ptrs. However, ptrs is not created by calling kzmalloc; instead, it is obtained through a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89 – fw: scan offload prohibit all 6 GHz channels if no 6 GHz sband exists. We have certain policies via the BIOS that prevent the use of 6 GHz frequencies. In this case, the 6 GHz sband parameter will be set to NULL, ev...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A memory leak has been fixed in the ipcpciereadbioscfg function. The ipcpciereadbioscfg function uses acpievaluatedsm to obtain the wwan power state configuration from the BIOS. However, it does not free the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the “block” layer, do not call “rqqosops-donebio” if the bio data structure is not being tracked. The “rqqos” framework is only applied on request-based drivers. Therefore: 1 The “rqqosdonebio” function is not necessary for...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd: Fixed an out-of-bounds error in the BIOS parser. The array size is hardcoded to 8 in atomfirmware.h, but sometimes the firmware provides a larger array size. Deferencing the larger array causes an out-of-bounds error...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add acpiputtable to prevent a memory leak. When the radeon driver reads BIOS information from the ACPI table in radeonacpivfctbios, it fails to call acpiputtable to release the ACPI memory after initialization...