Lucene search
+L

485 matches found

Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.6 views

acpi: nfit: fix narrowing conversion in acpi_nfit_ctl

...

5.5CVSS6.8AI score0.00199EPSS
Exploits0
OSV
OSV
added 2025/07/10 8:15 a.m.1 views

DEBIAN-CVE-2025-38315

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr is already known, we can just start there instead of querying the EFI variable size. If the final result doesn't match what we expect also...

5.5CVSS5.8AI score0.00135EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/02 12:0 a.m.5 views

The vulnerability of the drivers/firmware/EFI/libstub components of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the drivers/firmware/EFI/libstub components of the Linux operating system is related to the allocation of unlimited memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.10 views

The vulnerability of the IhisiServiceSmm component in the InsydeH2O UEFI firmware creation framework allows a attacker to escalate their privileges.

The vulnerability of the IhisiServiceSmm component in the InsydeH2O UEFI firmware creation framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

6.1CVSS5.7AI score0.00132EPSS
Exploits0References3Affected Software5
SUSE CVE
SUSE CVE
added 2025/06/19 3:45 a.m.5 views

SUSE CVE-2022-49955

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 11:15 a.m.5 views

UBUNTU-CVE-2022-49955

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...

5.5CVSS6AI score0.00179EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.10 views

Astra Linux – Vulnerability in Intel Microcode

Improper input validation in the UEFI firmware CseVariableStorageSmm for some Intel processors may allow a privileged user to potentially enable privilege escalation through local access...

8.7CVSS7.2AI score0.00247EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Improper input validation in the XmlCli feature for UEFI firmware on some Intel processors may allow a privileged user to potentially enable privilege escalation through local access...

8.7CVSS7.2AI score0.00249EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Improper initialization in UEFI firmware. The OutOfBandXML module in some Intel processors may allow a privileged user to potentially enable information disclosure through local access...

6.8CVSS5.8AI score0.00232EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check the dsbr size from the EFI variable Since the size of the struct btinteldsbr is already known, we can simply start checking there instead of querying the size of the EFI variable. If the final result doe...

5.5CVSS6.4AI score0.00135EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which can be exploited to alter certificates and execute .efi files...

7.8CVSS9.2AI score0.00404EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/05/31 1:31 a.m.2 views

SUSE CVE-2024-28047

Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS5.9AI score0.00247EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:15 a.m.5 views

CVE-2023-22662

Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some IntelR Server Board S2600BP products may allow a privileged user to potentially enable denial of service via local access...

5.8CVSS6.2AI score0.00196EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.11 views

The vulnerability of the UEFI RCM loader on NVIDIA’s industrial-class artificial intelligence software platforms, IGX Orin and Jetson AGX Orin, allows a hacker to execute arbitrary code, cause system failures, disclose sensitive information, or gain increased privileges.

The vulnerability of the UEFI RCM software platform for industrial-class artificial intelligence systems, such as NVIDIA IGX Orin and Jetson AGX Orin, is related to the incorrect implementation of security functions for the user interface. Exploiting this vulnerability can allow attackers to...

7.6CVSS5.6AI score0.00282EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.3 views

Intel Server M50FCP和Intel Server D50DNP 输入验证错误漏洞

Intel Server M50FCP and Intel Server D50DNP are both servers from Intel Corporation USA. An input validation error vulnerability exists in Intel Server M50FCP and Intel Server D50DNP, which stems from improper input validation in the UEFI firmware DXE module, which could lead to elevation of...

8.7CVSS6.7AI score0.00143EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Intel Server M50FCP和Intel Server D50DNP 安全漏洞

Intel Server M50FCP and Intel Server D50DNP are both servers from Intel Corporation USA. A security vulnerability exists in Intel Server M50FCP and Intel Server D50DNP that stems from improper initialization of the UEFI firmware, which could lead to information disclosure...

5.6CVSS6.4AI score0.00134EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.8 views

PT-2025-15273

Name of the Vulnerable Software and Affected Versions EDK2 affected versions not specified Description The issue is related to a vulnerability in the HashPeImageByType function, where a user can cause a read out of bounds by sending corrupted data via the network. This could lead to a loss of...

9.1CVSS6.4AI score0.75116EPSS
Exploits3References147
Microsoft Secure
Microsoft Secure
added 2025/03/31 4:0 p.m.23 views

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

By leveraging Microsoft Security Copilot to expedite the vulnerability discovery process, Microsoft Threat Intelligence uncovered several vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on Unified Extensible Firmware Interface UEFI Secure Boot as well ...

8.8CVSS8.7AI score0.01284EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2025/03/28 3:1 a.m.4 views

SUSE CVE-2025-21872

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

5.5CVSS7.6AI score0.00189EPSS
Exploits0References16
OSV
OSV
added 2025/03/27 3:15 p.m.8 views

UBUNTU-CVE-2025-21872

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

5.5CVSS6.2AI score0.00189EPSS
Exploits0References25
Rows per page
Query Builder