3590 matches found
CVE-2016-3287
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."...
Security feature bypass
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."...
CVE-2016-3287
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."...
CVE-2016-3287
The CVE-2016-3287 vulnerability impacts Microsoft Windows platforms (Windows 8.1, Windows Server 2012/R2, Windows RT 8.1, and Windows 10 TH/1511) where an attacker with local access and administrative privileges can bypass Secure Boot by installing a crafted policy. Root cause: insecure handling ...
Microsoft Windows Secure Boot Security Feature Bypass Vulnerability (3177404)
This host is missing an important security update according to Microsoft Bulletin MS16-094 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS16-094: Description of the security update for Secure Boot: July 12, 2016
MS16-094: Description of the security update for Secure Boot: July 12, 2016 Summary This security update resolves a vulnerability in Microsoft Windows that could allow Secure Boot security features to be bypassed if an attacker installs an affected policy on a target device. An attacker must have...
Secure Boot Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, ...
MS16-094: Security update for Secure Boot: July 12, 2016
Resolves a vulnerability in Windows that could allow Secure Boot security features to be bypassed if an attacker installs an affected policy on a target device. An attacker must have either administrative privileges or physical access to install a policy and bypass Secure Boot.SummaryThis securit...
MS16-094: Security Update for Secure Boot (3177404)
The remote Windows host is missing a security update. It is, therefore, affected by a security bypass vulnerability in the Secure Boot component due to improperly applying an affected policy. An attacker who has either administrative privileges or access to the host can exploit this issue, via...
Lenovo ThinkPad BIOS System Management Mode Arbitrary Code Execution Vulnerability
BIOS Basic Input/Output System i.e. Basic Output Input System is the most basic software code loaded on the computer hardware system. The Lenovo ThinkPad BIOS has a security vulnerability that can be exploited by an attacker with local administrative access to execute arbitrary code, disable flas...
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Source: https://github.com/Cr4sh/ThinkPwn Lenovo ThinkPad System Management Mode arbitrary code execution exploit For more information about this project please read the following article:...
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution
Source: https://github.com/Cr4sh/ThinkPwn Lenovo ThinkPad System Management Mode arbitrary code execution exploit For more information about this project please read the following article: http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html This code exploits 0day privileges escalatio...
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution
Exploit for windows platform in category local exploits Source: https://github.com/Cr4sh/ThinkPwn Lenovo ThinkPad System Management Mode arbitrary code execution exploit For more information about this project please read the following article:...
SUSE-SU-2015:2399-1 Security update for grub2
This update for grub2 provides the following fixes and enhancements: Security issue fixed: - Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 Non security issues fixed: - Expand list of grub.cfg search path in PV Xen guests for systems installed on btrfs snapshots...
Scientific Linux Security Update : grub2 on SL7.x x86_64 (20151119)
It was discovered that grub2 builds for EFI systems contained modules that were not suitable to be loaded in a Secure Boot environment. An attacker could use this flaw to circumvent the Secure Boot mechanisms and load non- verified code. Attacks could use the boot menu if no password was set, or...
CentOS 7 : grub2 (CESA-2015:2401)
Updated grub2 packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
grub2 security update
CentOS Errata and Security Advisory CESA-2015:2401 Updated grub2 packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...
Red Hat Enterprise Linux grub2 Package Code Execution Vulnerability
Red Hat Enterprise Linux RHEL is a set of Linux operating systems maintained and distributed by Red Hat for business users. A security vulnerability exists in the RHEL 7 version of the grub2 program package prior to version 2.02-0.29. When the program is used on a UEFI system, a local attacker ca...
CVE-2015-5281
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux RHEL 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted 1 multiboot or 2 multiboot2 module in the configuration file or physically proximate attacke...
CVE-2015-5281
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux RHEL 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted 1 multiboot or 2 multiboot2 module in the configuration file or physically proximate attacke...