62 matches found
EUVD-2025-14562
Malicious code in bioql PyPI...
EUVD-2023-26952
Malicious code in bioql PyPI...
CVE-2025-20629
Insecure inherited permissions in the NVM Update Utility for some IntelR Ethernet Network Adapter E810 Series before version 4.60 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20629
CVE-2025-20629 affects Intel® NVM Update Utility for the Ethernet Network Adapter E810 Series (prior to v4.60). Root cause: insecure inherited permissions that could allow an authenticated, low-privilege user with local access to escalate privileges. Impact: potential elevation of privilege via l...
CVE-2025-20629
Insecure inherited permissions in the NVM Update Utility for some IntelR Ethernet Network Adapter E810 Series before version 4.60 may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel® Ethernet Network Adapter E810 Series Advisory
Summary: A potential security vulnerability in some Non-Volatile Memory NVM Update Utility for Intel® Ethernet Network Adapter E810 Series may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20629...
PT-2025-21104 · Intel · Intel Ethernet Network Adapter E810 Series
Name of the Vulnerable Software and Affected Versions: IntelR Ethernet Network Adapter E810 Series versions prior to 4.60 Description: Insecure inherited permissions in the NVM Update Utility may allow an authenticated user to potentially enable escalation of privilege via local access...
The vulnerability of the update utility for microprogrammed printing systems from HP DeskJet allows a hacker to execute arbitrary code.
The vulnerability of the printer software update utility for HP DeskJet is related to an uncontrolled search path element. Exploiting this vulnerability could allow a hacker to execute arbitrary code using a specially crafted DLL file...
CVE-2024-2209
A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility FUU bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution...
CVE-2024-2209
HP DeskJet printers are affected by CVE-2024-2209 in the Printer Firmware Update Utility (FUU) bundle. A user with administrative privileges can replace the original DLL in the FUU bundle with a malicious DLL of the same name and place it in the Windows default downloads directory, potentially ca...
HP DeskJet 安全漏洞
HP DeskJet is a family of printers from Hewlett-Packard HP in the United States. A security vulnerability exists in HP DeskJet that originates from a user with administrative privileges being able to create a corrupted dll file with the same name as the original dll in the HP Printer Firmware...
PT-2024-2665 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: HP Printer's Firmware Update Utility FUU bundle affected versions not specified Description: The issue is related to an uncontrolled search path element in the HP printer's Firmware Update Utility FUU bundle. A user with administrative...
The vulnerability of the BIOS loading, update, backup, and recovery utility from the Phoenix WinPhlash flash device (previously known as Phoenix SecureCore Tiano WinFlash) is related to deficiencies in access control mechanisms, allowing attackers to escalate their privileges.
The vulnerability of the BIOS loading, backup, and recovery utility for the Phoenix WinPhlash flash device previously known as Phoenix SecureCore Tiano WinFlash is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...
CVE-2020-24088
An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges...
CVE-2020-24088
An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges...
CVE-2020-24088
CVE-2020-24088 concerns Foxconn Live Update Utility version 2.1.6.26, where a vulnerability in the MmMapIoSpace routine enables local privilege escalation. The description across Red Hat, NVD, and related feeds consistently cites the same local-privilege-elevation issue. No remediation or patch d...
PT-2023-11660 · Foxconn · Foxconn Live Update Utility
Name of the Vulnerable Software and Affected Versions: Foxconn Live Update Utility version 2.1.6.26 Description: An issue was discovered in the MmMapIoSpace routine, allowing local attackers to escalate privileges. Recommendations: For Foxconn Live Update Utility version 2.1.6.26, at the moment,...
CVE-2023-22841
Unquoted search path in the software installer for the System Firmware Update Utility SysFwUpdt for some IntelR Server Boards and IntelR Server Systems Based on IntelR 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access...
PT-2023-18720 · Intel · System Firmware Update Utility
Name of the Vulnerable Software and Affected Versions: System Firmware Update Utility SysFwUpdt for some IntelR Server Boards and IntelR Server Systems Based on IntelR 621A Chipset versions prior to 16.0.7 Description: The issue is related to an unquoted search path in the software installer, whi...
Intel® Network Adapter Software Advisory
Summary: A potential security vulnerability in some Intel® Network Adapter installer software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-41314 Description: Uncontrolled search path in some...