6 matches found
CVE-2022-1108
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2023-2290
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2022-1108
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code...
The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of the SPI Flash interface, allows attackers to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of the SPI Flash interface. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connected...
CVE-2019-7672
Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...
CVE-2017-3080
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure...