Lucene search
K

206 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21142

Malicious code in bioql PyPI...

8.2CVSS9.2AI score0.00192EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/30 12:45 a.m.8 views

CVE-2025-4425 SetupAutomationSmm: Stack overflow vulnerability in SMI handler

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

8.2CVSS0.00182EPSS
Exploits0References2
CVE
CVE
added 2025/07/30 12:45 a.m.19 views

CVE-2025-4425

CVE-2025-4425 concerns InsydeH2O firmware used in Lenovo devices. Concrete details across connected documents indicate a stack overflow in the SMI handler, enabling a local attacker with privileges to potentially gain deep system control. Public sources do not specify affected Lenovo models/versi...

8.2CVSS6.6AI score0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/30 12:45 a.m.3 views

CVE-2025-4425 SetupAutomationSmm: Stack overflow vulnerability in SMI handler

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

8.2CVSS7.1AI score0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/30 12:43 a.m.1 views

CVE-2025-4424 SetupAutomationSmm : Arbitrary calls to SmmSetVariable with unsanitised arguments in SMI handler

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

6CVSS7.1AI score0.00164EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.7 views

CVE-2025-7028

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

7.8CVSS7.1AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.6 views

CVE-2025-7026

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values e.g., '$DB$' or '2DB$', the function performs arbitrary...

8.2CVSS7.5AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.6 views

CVE-2025-7027

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

8.2CVSS7.4AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.6 views

CVE-2025-7029

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used to derive pointers OcHeader, OcData passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory...

8.2CVSS7.4AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/07/11 4:15 p.m.7 views

CVE-2025-7028

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

7.8CVSS0.0019EPSS
Exploits0References4
NVD
NVD
added 2025/07/11 4:15 p.m.8 views

CVE-2025-7027

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

8.2CVSS0.00199EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/11 3:26 p.m.3 views

CVE-2025-7028 SMM Arbitrary Memory Access via Flash Handler with Unchecked FuncBlock Pointer

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

9AI score0.0019EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/11 3:26 p.m.11 views

CVE-2025-7028 SMM Arbitrary Memory Access via Flash Handler with Unchecked FuncBlock Pointer

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

0.0019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.5 views

CVE-2023-28468

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an attacker to interact with the SPI flash at run-time from the OS...

6.5CVSS6.8AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.8 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.5CVSS6.9AI score0.00178EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:57 a.m.12 views

CVE-2023-52547

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM...

7.8CVSS7.2AI score0.00129EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:12 a.m.13 views

CVE-2022-32266

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the...

6.4CVSS6.8AI score0.00174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.8 views

CVE-2022-4573

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS7.4AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.6 views

CVE-2022-33982

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU...

6.4CVSS6.9AI score0.00151EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:18 a.m.6 views

CVE-2022-4574

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS7.4AI score0.00191EPSS
Exploits0References1
Rows per page
Query Builder