Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-33448

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.00395EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts Commit c7b79a752871...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/07/24 8:17 p.m.3 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Other fixes: Fixed Kubevirt GPU passthrough failure bsc1245542 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6CVSS7AI score0.00217EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2024/12/17 12:52 p.m.3 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: MdeModulePkg: Potential UINT32 overflow in S3 ResumeCount bsc1225889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

6CVSS6.9AI score0.00217EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2024/11/28 7:57 a.m.3 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

6CVSS6.9AI score0.00217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/09/19 3:9 p.m.7 views

kernel: save/restore speculative MSRs during S3 suspend/resume

A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU...

5.5CVSS6.6AI score0.00223EPSS
Exploits0References6
OSV
OSV
added 2023/05/09 8:15 p.m.5 views

CVE-2021-46792

Time-of-check Time-of-use TOCTOU in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service...

5.9CVSS5.8AI score0.00395EPSS
Exploits0References1
NVD
NVD
added 2023/05/09 8:15 p.m.38 views

CVE-2021-46792

Time-of-check Time-of-use TOCTOU in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service...

5.9CVSS6.6AI score0.00395EPSS
Exploits0References1
Prion
Prion
added 2023/05/09 8:15 p.m.27 views

Design/Logic Flaw

Time-of-check Time-of-use TOCTOU in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service...

2.6CVSS6.5AI score0.00395EPSS
Exploits0References1Affected Software55
Cvelist
Cvelist
added 2023/05/09 7:1 p.m.40 views

CVE-2021-46792

Time-of-check Time-of-use TOCTOU in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service...

6.8AI score0.00395EPSS
Exploits0References1
NVD
NVD
added 2022/09/20 6:15 p.m.33 views

CVE-2022-40246

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

7.2CVSS0.00463EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/09/20 5:35 p.m.10 views

CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

6.9AI score0.00463EPSS
Exploits1References2
CVE
CVE
added 2022/09/20 5:35 p.m.56 views

CVE-2022-40246

CVE-2022-40246 concerns the SbPei module and a byte-write during the PEI phase (specifically on S3 resume) that can influence subsequent boot stages. Affected component is SbPei; root cause is arbitrary one-byte write at an address during PEI, enabling mitigations bypass, disclosure of physical m...

7.2CVSS6.8AI score0.00463EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/09/20 5:35 p.m.29 views

CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

7AI score0.00463EPSS
Exploits1References2
OSV
OSV
added 2020/09/01 10:15 p.m.5 views

CVE-2020-8341

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers PRx. After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPa...

2.4CVSS6.3AI score0.00347EPSS
Exploits0References1
Hewlett-Packard
Hewlett-Packard
added 2019/03/14 12:0 a.m.33 views

HPSBHF03609 rev. 3 - TPM Platform Configuration Vulnerability After S3 Resume

Potential Security Impact Information Disclosure, Denial of Service, Escalation of Privilege Source: HP, HP Product Security Response Team PSRT Reported by: Seunghun Han, National Security Research Institute VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with the...

7.8CVSS1.2AI score0.00519EPSS
Exploits0
Intel
Intel
added 2015/08/13 12:0 a.m.13 views

Configuration Bypass During S3 Resume

Summary: System firmware of certain products does not completely protect platform configuration data. Description: During resume from sleep, system firmware needs to reinitialize hardware to a secured configuration. In order to protect against malware that has already compromised an OS, firmware...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/07/18 12:0 a.m.45 views

Mandrake Linux Security Advisory : kernel (MDKSA-2006:123)

A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The kernel did not clear sockaddrin.sinzero before returning IPv4 socket names for the getsockopt function, which could allow a local user to obtain portions of potentially sensitive memory if getsockopt is called...

10CVSS6.8AI score0.06797EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2006/05/19 12:0 a.m.53 views

Mandrake Linux Security Advisory : kernel (MDKSA-2006:086)

A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Prior to Linux kernel 2.6.16.5, the kernel does not properly handle uncanonical return addresses on Intel EM64T CPUs which causes the kernel exception handler to run on the user stack with the wrong GS...

7.8CVSS5.8AI score0.04342EPSS
Exploits0References9
Rows per page
Query Builder