219 matches found
CVE-2019-11125
Insufficient input validation in system firmware for IntelR NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access...
Input validation
Insufficient input validation in system firmware for IntelR NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access...
CVE-2019-11128
The CVE-2019-11128 entry affects Intel® NUC firmware. Root cause: insufficient input validation in system firmware for Intel NUC Kit. Impact: escalation of privilege, denial of service, and/or information disclosure via local access (local attack vector). Intel advisory lists CVSS v3.0 base score...
CVE-2019-11124
Out of bound read/write in system firmware for IntelR NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access...
CVE-2019-11129
Out of bound read/write in system firmware for IntelR NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access...
CVE-2019-11126
Pointer corruption in system firmware for IntelR NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access...
Intel NUC Kit Buffer Overflow Vulnerability (CNVD-2019-25502)
The Intel NUC Kit is a small desktop computer from Intel Corporation USA. A buffer overflow vulnerability exists in the system firmware in the Intel NUC Kit, which can be exploited by a local attacker to elevate privileges, cause a denial of service and/or disclose information...
CVE-2019-6321
HP has identified a security vulnerability with some versions of Workstation BIOS UEFI Firmware where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default...
Debian DSA-4444-1 : linux - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures buffers. This flaw could allow an attacker controlling an unprivileged process to read sensitive...
Input validation
Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...
CVE-2019-0163
Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...
EDK2 Buffer Overflow Vulnerability
EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A buffer overflow vulnerability exists in the system firmware of EDK2. An attacker could exploit this vulnerability to elevate privileges and cause a denial of service...
CVE-2018-12179
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
DEBIAN-CVE-2018-12179
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access...
Buffer overflow
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access...
Design/Logic Flaw
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access...
CVE-2019-0160
CVE-2019-0160 is a buffer overflow in EDK II system firmware (OVMF) that could allow an unauthenticated user to escalate privileges and/or cause a denial of service via network access. The issue is cited across multiple advisories (e.g., Ubuntu USN-6920-1, Oracle Linux ELSA-2019-2125, CentOS/CESA...
CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access...