610 matches found
Security Advisory - Inappropriate Interface access Control Vulnerability in a Huawei PC Product
A Huawei PC product has a vulnerability in improper interface access control. Successful exploitation of this vulnerability may cause SMRAM leaks.Vulnerability ID:HWPSIRT-2023-98172 This vulnerability has been assigned a CVEID:CVE-2023-52712...
Security Advisory - Huawei PC Product Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
A Huawei PC product is vulnerable to improper restriction of operations within the bounds of a memory buffer. Successful exploitation of this vulnerability could compromise SMRAM memory, resulting in code execution in SMM.Vulnerability ID:HWPSIRT-2023-11450 This vulnerability has been assigned a...
CVE-2024-25942
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
CVE-2024-25942
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS Input Validation Error Vulnerability
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS are both products of Dell, Inc.Dell PowerEdge Server BIOS is a system update driver from Dell.Dell Precision Rack BIOS is a Dell Precision Rack BIOS is a BIOS utility for high-performance workstation products. An input validation error...
CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM...
CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM...
CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM...
CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS are affected by an Improper SMM communication buffer verification vulnerability that enables out-of-bounds reads/writes to SMRAM via a local, low-privilege attacker. Affected components are the BIOS implementations for Dell PowerEdge Server ...
CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
Design/Logic Flaw
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS are affected by an improper SMM communication buffer verification vulnerability, enabling a local, low-privileged attacker to potentially perform arbitrary writes to SMRAM. The issue stems from a faulty SMM buffer validation in the BIOS/firm...
CVE-2024-0161
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM...
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4654-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4654-1 advisory. - Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds...
SUSE CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution...
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution...
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution...
CVE-2023-39283
An SMM memory corruption vulnerability in the SMM driver SMRAM write in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation...
Memory corruption
An SMM memory corruption vulnerability in the SMM driver SMRAM write in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation...