Lucene search
+L

90 matches found

OSV
OSV
added 2023/02/15 2:15 a.m.6 views

CVE-2022-32478

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS6AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.5 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.1 through 5.5. An attacker...

7CVSS7.5AI score0.00132EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.4 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 through 5.5. An attacker...

7CVSS7.5AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2023/02/01 6:15 a.m.6 views

CVE-2022-34403

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM...

8.8CVSS6.5AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 5:15 a.m.3 views

CVE-2022-34400

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM...

7.1CVSS6.2AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.5 views

Dell BIOS 缓冲区错误漏洞

The Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. A security vulnerability exists in Dell BIOS that stems from the presence of a heap buffer overflow vulnerability that could be exploited by a local attacker with administrator privileges to perform...

7.1CVSS7.5AI score0.00208EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.4 views

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. The Dell BIOS has a security vulnerability that originates from incorrect input validation. An attacker could exploit this vulnerability to execute arbitrary code in SMRAM using the SMI Serial Interface...

7.8CVSS7.9AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.6 views

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which stems from incorrect input validation. An attacker could use the SMI Serial Interface to execute arbitrary code in SMRAM...

7.5CVSS7.5AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 12:15 a.m.7 views

CVE-2022-33984

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corrupti...

7CVSS5.8AI score0.00151EPSS
Exploits0References3
OSV
OSV
added 2022/11/15 12:15 a.m.6 views

CVE-2022-33908

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM...

7CVSS5.8AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 12:15 a.m.4 views

CVE-2022-31243

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handl...

6.4CVSS5.8AI score0.00151EPSS
Exploits0References3
OSV
OSV
added 2022/11/14 11:15 p.m.6 views

CVE-2022-33907

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cau...

6.4CVSS5.8AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.4 views

Insyde InsydeH2O 安全漏洞

The RUGGEDCOM APE1808 is a utility-level application hosting platform that allows you to deploy a range of commercial applications for edge computing and network security in harsh industrial environments. a competitive condition vulnerability exists in the Siemens RUGGEDCOM APE1808 product family...

6.4CVSS6.7AI score0.00151EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.4 views

Insyde InsydeH2O 安全漏洞

The RUGGEDCOM APE1808 is a utility-level application hosting platform that allows you to deploy a range of commercial applications for edge computing and network security in harsh industrial environments. a competitive condition vulnerability exists in the Siemens RUGGEDCOM APE1808 product family...

6.4CVSS6.7AI score0.00151EPSS
Exploits0References7
OSV
OSV
added 2022/10/12 8:15 p.m.3 views

CVE-2022-32489

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

7.8CVSS6.3AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2022/10/12 8:15 p.m.4 views

CVE-2022-32488

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

7.8CVSS6.3AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2022/10/12 8:15 p.m.2 views

CVE-2022-32485

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

7.8CVSS6.3AI score
Exploits0References1
OSV
OSV
added 2022/10/12 8:15 p.m.4 views

CVE-2022-32493

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

7.8CVSS6.3AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.6 views

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which could be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM using SMI...

7.8CVSS7.5AI score0.00204EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.8 views

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which could be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM using SMI...

7.8CVSS7.5AI score0.00204EPSS
Exploits0References2
Rows per page
Query Builder