libexpat 安全漏洞

libexpat is a streaming XML parser written in C by the libexpat team. A security vulnerability exists in libexpat that stems from a potential stack overflow when processing recursive entity extensions in XML documents, which could result in a denial of service or memory corruption...

CVE-2024-56182

A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC Field PG M6 All versions V26.01.12, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC...

Siemens SCALANCE LPE9403 操作系统命令注入漏洞

Siemens SCALANCE LPE9403 is a native processing engine for industrial field data processing from Siemens, Germany. It is used to capture, collect and pre-process industrial field data. Siemens SCALANCE LPE9403 6GK5998-3GS00-2AC2 V4.0 and prior versions suffer from an operating system command...

Siemens SIMATIC 缓冲区错误漏洞

Siemens SIMATIC is a configuration software from Siemens Germany. A buffer error vulnerability exists in Siemens SIMATIC, which arises from an inadequate protection mechanism for EFI variables, and could allow an authenticated attacker to modify the secure boot configuration. The following produc...

libxml2: Use-After-Free in libxml2

A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware

An improper input validation flaw was found in the XmlCli feature for UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR Processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR Processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR Processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware

An improper input validation flaw was found in the XmlCli feature for UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

PublicCMS 代码问题漏洞

PublicCMS is an open source content management system CMS written in Java language by PublicCMS China. A security vulnerability exists in PublicCMS version v4.0.202406, which originates from the /cms/CmsWebFileAdminController.java component that allows the upload of specially crafted svg or xml...

kernel: efi: runtime: Fix potential overflow of soft-reserved region size

A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service...

Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.4.2 release.

Red Hat Developer Hub 1.4.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

The vulnerability of UEFI microprogramming systems in Intel processors allows attackers to enhance their privileges.

The vulnerability of Intel UEFI microprogramming system processors is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of UEFI microprogramming systems of Intel processors allows a hacker to gain unauthorized access to protected information.

The vulnerability of Intel UEFI microprogramming systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of UEFI microprogramming systems of Intel processors allows a hacker to gain unauthorized access to protected information.

The vulnerability of Intel UEFI microprogramming systems lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

UBUNTU-CVE-2022-49357

In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmwa...