485 matches found
The vulnerability of the UEFI loader of the Boot Manager of the Windows operating system allows a hacker to circumvent existing security restrictions.
The vulnerability of the UEFI loader of the Windows operating system’s Boot Manager is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions...
Siemens SIMATIC 安全漏洞
Siemens SIMATIC is a configuration software from Siemens. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...
Siemens SIMATIC 安全漏洞
Siemens SIMATIC is a Siemens configuration software. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...
Siemens SIMATIC 安全漏洞
Siemens SIMATIC is a Siemens configuration software. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...
PT-2022-21213 · Ampere · Ampere Altra Max +1
Name of the Vulnerable Software and Affected Versions: Ampere Altra and AltraMax devices before SRP 1.09 Description: The Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component. Recommendations: For Ampere Altra and AltraMax devices before SRP 1.0...
shim: Buffer overflow when loading crafted EFI images
A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. This flaw allows an attacker to perform an out-of-bounds write in memory. A successful attack can lead to data integrity, confidentiality issues, and arbitrary code execution...
shim: Buffer overflow when loading crafted EFI images
A flaw was found in shim during the handling of EFI executables. A crafted EFI image can lead to an overflow in shim. This flaw allows an attacker to perform an out-of-bounds write in memory. A successful attack can lead to data integrity, confidentiality issues, and arbitrary code execution...
shim 缓冲区错误漏洞
shim is a simple HTTP service for SciDB. A buffer error vulnerability exists in shim that stems from a buffer overflow when loading a specially crafted EFI image...
The vulnerability of the SdHostDriver component in the InsydeH2O UEFI firmware creation framework allows a attacker to execute arbitrary code on the target system.
The vulnerability of the SdHostDriver component in the InsydeH2O UEFI firmware creation framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system...
The vulnerability of the FvbServicesRuntimeDxe component in the InsydeH2O UEFI firmware creation framework allows a attacker to escalate their privileges.
The vulnerability of the FvbServicesRuntimeDxe component in the InsydeH2O UEFI firmware creation framework is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
CVE-2021-39301
Potential vulnerabilities have been identified in UEFI firmware BIOS for some PC products which may allow escalation of privilege and arbitrary code execution...
CVE-2021-39297
Potential vulnerabilities have been identified in UEFI firmware BIOS for some PC products which may allow escalation of privilege and arbitrary code execution...
PT-2022-10894 · Amd · System Management Mode
Name of the Vulnerable Software and Affected Versions: AMD System Management Mode SMM affected versions not specified UEFI firmware BIOS for some PC products affected versions not specified Description: A potential issue in AMD System Management Mode SMM interrupt handler may allow an attacker wi...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
Hp Uefi 安全漏洞
Hp Uefi is a Unified Extensible Firmware Interface from Hewlett-Packard Hp. It is a method of handling the computer before loading the operating system. Hp Uefi has a security vulnerability that stems from a problem in the UEFI firmware BIOS that could allow privileged escalation and arbitrary co...
The vulnerability of the Windows Extensible Firmware Interface in the Windows operating system allows a hacker to perform a system shutdown.
The vulnerability of the Windows Extensible Firmware Interface in the operating system Windows is related to authentication errors when accessing files in the EFI partition. Exploiting this vulnerability can allow an attacker to perform a denial-of-service attack...
Intel Processors 输入验证错误漏洞
Intel Processors are a family of processors from the U.S.-based Intel Corporation Intel. Intel Processors suffers from an input validation error vulnerability that stems from a potential security flaw in the BIOS firmware of Intel processors. An attacker could exploit the vulnerability to cause...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware has a buffer overflow vulnerability that can be exploited to write fixed...
Insyde InsydeH2O 权限许可和访问控制问题漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware is vulnerable to permission and access control issues, which can be...