CVE-2026-48101

A flaw was found in 7-Zip. This uninitialized memory disclosure vulnerability exists in the UEFI capsule .scap parser. A remote attacker could exploit this by crafting a malicious .scap file, leading to the exposure of sensitive uninitialized heap memory as extracted file content. This could resu...

PoC

Fabricked: Breaking AMD SEV-SNP via Infinity Fabric !CVE-20...

varstored: TOCTOU issues with mapped guest memory

ISSUE DESCRIPTION varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in UEFI firmware

An improper input validation flaw was found in UEFI firmware. Some IntelR Processors may allow a privileged user to enable privilege escalation via local access...

microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware

An improper input validation flaw was found in the XmlCli feature for UEFI firmware. Some IntelR processors may allow a privileged user to enable privilege escalation via local access...

The vulnerability of UEFI (BIOS) microprogramming software in Huawei personal computers allows a hacker to execute arbitrary code.

The vulnerability of UEFI BIOS in Huawei personal computers is related to errors in processing input data length parameters in the SMRAM region. Exploiting this vulnerability can allow an attacker to execute arbitrary code in System Management Mode SMM...

Insyde InsydeH2O Security Breach

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O. An attacker could exploit this vulnerability to...

SUSE CVE-2021-0071

Improper input validation in firmware for some IntelR PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...

CVE-2022-43779

A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerabili...

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. Operating System H2O UEFI firmware suffers from a buffer overflow vulnerability that could be exploite...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. Operating System H2O UEFI firmware contains a security vulnerability that can be exploited by attacker...

KB5010794: Out-of-band update for Windows 8.1 and Windows Server 2012 R2: January 17, 2022

KB5010794: Out-of-band update for Windows 8.1 and Windows Server 2012 R2: January 17, 2022 Summary This update resolves the following issues: Virtual machines VMs located on a server that has Unified Extensible Firmware Interface UEFI enabled fail to start after installing the January 11, 2022...

CVE-2022-21899

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability...

PT-2015-7636

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description The issue allows local users to bypass intended securelevel/secureboot restrictions. This is achieved by leveraging improper handling of the secure boot flag across kexec reboot when...