Lucene search
+L

485 matches found

BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.8 views

The vulnerability of the UEFI loader of the Boot Manager of the Windows operating system allows a hacker to circumvent existing security restrictions.

The vulnerability of the UEFI loader of the Windows operating system’s Boot Manager is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions...

7.4CVSS7.2AI score0.01497EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.1 views

Siemens SIMATIC 安全漏洞

Siemens SIMATIC is a configuration software from Siemens. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...

5.5AI score
Exploits0References1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.3 views

Siemens SIMATIC 安全漏洞

Siemens SIMATIC is a Siemens configuration software. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...

5.5AI score
Exploits0References1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.4 views

Siemens SIMATIC 安全漏洞

Siemens SIMATIC is a Siemens configuration software. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...

5.5AI score
Exploits0References1
OSV
OSV
added 2022/07/01 12:15 a.m.3 views

CVE-2022-32295

On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...

9.8CVSS5.8AI score0.0122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.7 views

PT-2022-21213 · Ampere · Ampere Altra Max +1

Name of the Vulnerable Software and Affected Versions: Ampere Altra and AltraMax devices before SRP 1.09 Description: The Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component. Recommendations: For Ampere Altra and AltraMax devices before SRP 1.0...

9.8CVSS9.4AI score0.0122EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2022/06/16 3:49 p.m.6 views

shim: Buffer overflow when loading crafted EFI images

A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. This flaw allows an attacker to perform an out-of-bounds write in memory. A successful attack can lead to data integrity, confidentiality issues, and arbitrary code execution...

7.8CVSS6AI score0.00332EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/16 2:57 p.m.5 views

shim: Buffer overflow when loading crafted EFI images

A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. This flaw allows an attacker to perform an out-of-bounds write in memory. A successful attack can lead to data integrity, confidentiality issues, and arbitrary code execution...

7.8CVSS6AI score0.00332EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/07 12:0 a.m.3 views

shim 缓冲区错误漏洞

shim is a simple HTTP service for SciDB. A buffer error vulnerability exists in shim that stems from a buffer overflow when loading a specially crafted EFI image...

7.8CVSS7.3AI score0.00332EPSS
Exploits0References18
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.9 views

The vulnerability of the SdHostDriver component in the InsydeH2O UEFI firmware creation framework allows a attacker to execute arbitrary code on the target system.

The vulnerability of the SdHostDriver component in the InsydeH2O UEFI firmware creation framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system...

8.2CVSS8.1AI score0.00279EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.10 views

The vulnerability of the FvbServicesRuntimeDxe component in the InsydeH2O UEFI firmware creation framework allows a attacker to escalate their privileges.

The vulnerability of the FvbServicesRuntimeDxe component in the InsydeH2O UEFI firmware creation framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

10CVSS7.9AI score0.00326EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/16 5:15 p.m.3 views

CVE-2021-39301

Potential vulnerabilities have been identified in UEFI firmware BIOS for some PC products which may allow escalation of privilege and arbitrary code execution...

8.8CVSS7.4AI score0.00441EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/16 5:15 p.m.4 views

CVE-2021-39297

Potential vulnerabilities have been identified in UEFI firmware BIOS for some PC products which may allow escalation of privilege and arbitrary code execution...

8.8CVSS7.4AI score0.00458EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/02/16 12:0 a.m.2 views

PT-2022-10894 · Amd · System Management Mode

Name of the Vulnerable Software and Affected Versions: AMD System Management Mode SMM affected versions not specified UEFI firmware BIOS for some PC products affected versions not specified Description: A potential issue in AMD System Management Mode SMM interrupt handler may allow an attacker wi...

8.8CVSS9.1AI score0.00445EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.4 views

Hp Uefi 安全漏洞

Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...

8.8CVSS8.3AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.6 views

Hp Uefi 安全漏洞

Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...

8.8CVSS8.3AI score0.00441EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.7 views

The vulnerability of the Windows Extensible Firmware Interface in the Windows operating system allows a hacker to perform a system shutdown.

The vulnerability of the Windows Extensible Firmware Interface in the operating system Windows is related to authentication errors when accessing files in the EFI partition. Exploiting this vulnerability can allow an attacker to perform a denial-of-service attack...

5.5CVSS6.3AI score0.0143EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/08 12:0 a.m.8 views

Intel Processors 输入验证错误漏洞

Intel Processors are a family of processors from the U.S.-based Intel Corporation Intel. Intel Processors suffers from an input validation error vulnerability that stems from a potential security flaw in the BIOS firmware of Intel processors. An attacker could exploit the vulnerability to cause...

7.8CVSS7.3AI score0.00301EPSS
Exploits0References10
CNNVD
CNNVD
added 2022/02/02 12:0 a.m.7 views

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware has a buffer overflow vulnerability that can be exploited to write fixed...

7.5CVSS6AI score0.00264EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/02/02 12:0 a.m.7 views

Insyde InsydeH2O 权限许可和访问控制问题漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware is vulnerable to permission and access control issues, which can be...

8.2CVSS5.8AI score0.00351EPSS
Exploits0References7
Rows per page
Query Builder