Lucene search
K

58 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.20 views

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32953)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

7CVSS7.5AI score0.00132EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/09 8:18 p.m.5 views

CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...

5.9CVSS7.5AI score0.00798EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 2:15 p.m.7 views

CVE-2022-32477

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

7CVSS6AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 2:15 p.m.5 views

CVE-2022-32469

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS6AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 p.m.47 views

CVE-2022-32469

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS8AI score0.00132EPSS
Exploits0References2
Prion
Prion
added 2023/02/15 2:15 p.m.26 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 2:15 p.m.22 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/02/15 3:15 a.m.43 views

CVE-2022-32473

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 3:15 a.m.20 views

CVE-2022-32476

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 3:15 a.m.34 views

CVE-2022-32470

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using...

7CVSS8AI score0.00132EPSS
Exploits0References2
Prion
Prion
added 2023/02/15 3:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 3:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 3:15 a.m.17 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 3:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/02/15 2:15 a.m.21 views

CVE-2022-32474

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 a.m.30 views

CVE-2022-32955

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 a.m.25 views

CVE-2022-32954

An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

7CVSS8AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 a.m.27 views

CVE-2022-32478

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
Prion
Prion
added 2023/02/15 2:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 2:15 a.m.27 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder