Lucene search
K

854 matches found

Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.6 views

PT-2024-11863 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference count leak in the Linux kernel has been identified and resolved. The issue occurs in the has external pci function, where a pci dev put call is missing, leading to a...

9.1CVSS6.6AI score0.03702EPSS
Exploits12References1811
OSV
OSV
added 2023/01/13 1:15 a.m.5 views

CVE-2022-42275

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service...

7.1CVSS5.8AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/06 12:0 a.m.4 views

PT-2024-11822 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a missing sentinel in the struct soc device attribute array in the Linux kernel's PCI driver for mt7621. This causes an error when assessed by the soc device...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References25
OSV
OSV
added 2022/11/21 5:15 p.m.3 views

CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...

6.8CVSS6.6AI score0.00357EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/10/12 12:0 a.m.7 views

The vulnerability of the Azure RTOS operating system’s USBX implementation allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Azure RTOS operating system’s USBX implementation lies in reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures remotely...

8CVSS8.3AI score0.01516EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.2 views

Ampere Computing Ampere Altra 安全漏洞

The Ampere Computing Ampere Altra is an 80-core server processor from Ampere Computing, USA. A security vulnerability exists in the Ampere Computing Ampere Altra that stems from a UEFI-accessible Altra reference design that allows insecure access to the SPI-NOR by operating system/manager...

9.8CVSS8.3AI score0.0122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.4 views

PT-2022-9724 · Amd · Athlon™ Series +53

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a failure to verify the protocol in SMM, which may allow an attacker to control the protocol and modify SPI flash, potentially...

7.8CVSS7.5AI score0.00268EPSS
Exploits0References4
OSV
OSV
added 2022/05/11 5:15 p.m.2 views

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

4.7CVSS6AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2022/03/11 2:15 p.m.4 views

CVE-2022-21819

NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of...

7.6CVSS5.8AI score0.00385EPSS
Exploits0References2
NVD
NVD
added 2021/12/07 9:15 p.m.17 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS0.0026EPSS
Exploits0References1
OSV
OSV
added 2021/12/07 9:15 p.m.7 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7.1AI score
Exploits0References1
OSV
OSV
added 2021/12/07 9:15 p.m.2 views

DEBIAN-CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7.2AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2021/12/07 9:15 p.m.2 views

UBUNTU-CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS5.9AI score0.0026EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.3 views

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are from time to time fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...

7.8CVSS7.5AI score0.00144EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2021/11/24 1:34 a.m.138 views

Exploit for Out-of-bounds Read in Nxp Lpc55S69Jbd100_Firmware

CVE-2021-40154...

6.1CVSS5.9AI score0.0073EPSS
Exploits1
OSV
OSV
added 2021/11/16 7:15 p.m.6 views

CVE-2020-12961

A potential vulnerability exists in AMD Platform Security Processor PSP that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections...

7.8CVSS5.8AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2021/10/06 2:15 p.m.1 views

DEBIAN-CVE-2021-28702

PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...

7.6CVSS7.4AI score0.00427EPSS
Exploits0References1
OSV
OSV
added 2021/09/21 10:11 p.m.5 views

CLSA-2021-1632262296 Fix of CVE: CVE-2021-38160, CVE-2021-3573, CVE-2021-38205, CVE-2021-3178, CVE-2021-20265, CVE-2021-3612, CVE-2021-32399, CVE-2021-37159, CVE-2014-4508, CVE-2021-28972, CVE-2021-34693, CVE-2021-20292

ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcmmsghead - ELSCVE-705: CVE-2021-38160: virtioconsole: Assure used length from device is limited - ELSCVE-769: CVE-2014-4508: x8632, entry: Do syscall exit work on badsys CVE-2014-4508 - ELSCVE-844: CVE-2021-3573: Bluetooth: use...

7.8CVSS7AI score0.02417EPSS
Exploits3References1
NVD
NVD
added 2021/09/09 8:15 a.m.15 views

CVE-2021-1962

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired...

6.7CVSS0.00147EPSS
Exploits0References1
Prion
Prion
added 2021/09/09 8:15 a.m.21 views

Buffer overflow

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired...

4.6CVSS6.7AI score0.00147EPSS
Exploits0References1
Rows per page
Query Builder