Lucene search
K

205 matches found

OSV
OSV
added 2023/11/14 7:15 p.m.2 views

CVE-2023-20521

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service...

5.7CVSS5.8AI score0.00257EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.5 views

PT-2023-12738 · Unknown +1 · System Management Mode +1

Name of the Vulnerable Software and Affected Versions: System Management Mode SMM affected versions not specified Description: The issue is related to improper access control in System Management Mode SMM, which may allow an attacker to write to SPI ROM, potentially leading to arbitrary code...

9.8CVSS7.8AI score0.00989EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.5 views

AMD System Management Mode Security Vulnerability

AMD System Management Mode is a system management mode from Ultraviolet Semiconductor AMD. A CPU execution mode. A security vulnerability exists in AMD System Management Mode that stems from improper access control in System Management Mode SMM that could allow an attacker to write to the SPI ROM...

9.8CVSS7.8AI score0.00989EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/10 12:0 a.m.7 views

PT-2024-14722

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel where a synchronous transfer can be active during a system suspend, causing a null pointer dereference exception when the system resumes. This...

4.7CVSS5.9AI score0.00181EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/09/04 12:0 a.m.9 views

PT-2023-9478 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the SPI peripheral in the Linux kernel, where sometimes RX SPI transfers with DMA enabled return corrupted data due to single or multiple bytes lost during DMA...

7.8CVSS6.5AI score0.08555EPSS
Exploits7References1099
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: regmap: spi: Reserve space for register address/padding

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...

5.5CVSS6.3AI score0.00194EPSS
Exploits0References5
OSV
OSV
added 2023/03/23 5:15 p.m.4 views

CVE-2023-20082

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

6.8CVSS6.6AI score0.00375EPSS
Exploits0References1
OSV
OSV
added 2023/03/03 1:15 p.m.3 views

CVE-2022-45552

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...

7.5CVSS5.8AI score0.00846EPSS
Exploits1References3
OSV
OSV
added 2023/01/13 1:15 a.m.5 views

CVE-2022-42275

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service...

7.1CVSS5.8AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2022/11/21 5:15 p.m.3 views

CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...

6.8CVSS6.6AI score0.00357EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.2 views

Ampere Computing Ampere Altra 安全漏洞

The Ampere Computing Ampere Altra is an 80-core server processor from Ampere Computing, USA. A security vulnerability exists in the Ampere Computing Ampere Altra that stems from a UEFI-accessible Altra reference design that allows insecure access to the SPI-NOR by operating system/manager...

9.8CVSS8.3AI score0.0122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.4 views

PT-2022-9724 · Amd · Athlon™ Series +53

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a failure to verify the protocol in SMM, which may allow an attacker to control the protocol and modify SPI flash, potentially...

7.8CVSS7.5AI score0.00268EPSS
Exploits0References4
OSV
OSV
added 2021/11/16 7:15 p.m.7 views

CVE-2020-12961

A potential vulnerability exists in AMD Platform Security Processor PSP that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections...

7.8CVSS5.8AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/05/24 12:0 a.m.5 views

PT-2021-9138 · Zephyr · Zephyr

Name of the Vulnerable Software and Affected Versions: Zephyr versions = v1.14.2, = v2.2.0 Description: The issue concerns Missing Size Checks in Bluetooth HCI over SPI, which involves Improper Handling of Length Parameter Inconsistency. Recommendations: For Zephyr versions = v1.14.2, = v2.2.0, a...

8.8CVSS8.6AI score0.00486EPSS
Exploits0References3
CNVD
CNVD
added 2020/05/11 12:0 a.m.2 views

Linux kernel denial of service vulnerability (CNVD-2020-28264)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/spi/spi-dw.c file in Linux kernel versions prior to 5.4.17. An attacker can exploit this vulnerability to cause a denial...

5.5CVSS6.1AI score0.00652EPSS
Exploits1References1
OSV
OSV
added 2020/05/09 9:15 p.m.3 views

UBUNTU-CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dwspiirq and dwspitransferone, aka CID-19b61392c5a8...

5.5CVSS6.7AI score0.00652EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2019/12/22 12:0 a.m.7 views

Vulnerability of the spi_gpio_probe() function (drivers/spi/spi-gpio.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the spigpioprobe function drivers/spi/spi-gpio.c in the Linux kernel involves uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS7.3AI score0.02848EPSS
Exploits0References11Affected Software2
CNVD
CNVD
added 2017/10/11 12:0 a.m.3 views

Intel SPI Write Protection Local Security Bypass Vulnerability

Intel NUC7i3BNK, etc. are CPU Central Processing Unit products of Intel Corporation USA. A local security bypass vulnerability exists in Intel SPI Write Protection, which can be exploited by a local attacker to bypass certain security restrictions...

8.4CVSS6.8AI score0.00381EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/08/23 12:0 a.m.8 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Android operating system’s Serial Peripheral Interface driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created application...

7.6CVSS7.2AI score0.00346EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/07/11 2:0 a.m.2 views

CVE-2016-3807

The serial peripheral interface driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28402196...

7.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder