5 matches found
EUVD-2015-6041
Malware in sbrugna...
The vulnerability of the handle_image() function in the UEFI loader shim allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the handleimage function in the UEFI loader shim is related to the issue of writing data beyond the buffer boundaries when processing EFI files, taking into account the SizeOfRawData field. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 through 5.5. An attacker...
GHSA-7GRF-83VW-6F5X OpenZeppelin Contracts ERC165Checker unbounded gas consumption
Impact The target contract of an EIP-165 supportsInterface query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. Patches The issue has been fixed in v4.7.2. References...
CVE-2015-6098
CVE-2015-6098 is a local privilege-escalation flaw in the Windows Network Driver Interface Specification (NDIS) with a buffer-overflow in ndis.sys. A crafted local app can gain elevated privileges on Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 SP1. Public exploit references e...