Astra Linux - уязвимость в edk2

EDK2 contains a vulnerability in the BIOS, where a user can cause an Integer Overflow or Wrap-around error through network means. Successful exploitation of this vulnerability may lead to a denial of service...

PT-2026-33341

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access...

CVE-2025-58770

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability...

Ring-Selector-Bios-Kernel-Smm-Exploit-

Ring-S...

Dell PowerEdge Platform 14G AMD BIOS Information Disclosure Vulnerability

Dell PowerEdge Platform 14G AMD BIOS is a BIOS system from Dell USA. The Dell PowerEdge Platform 14G AMD BIOS suffers from an information disclosure vulnerability that originates from end-of-buffer memory location access, which can be exploited by an attacker to gain access to internal system...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the BIOS version in the lpfc driver, which could lead to a buffer overflow...

Intel BIOS PPAM 安全漏洞

Intel Bios is a basic input-output system used by Intel Corporation USA to perform hardware initialization during the power-on startup phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in the Intel BIOS PPAM firmware that stems from...

Intel BIOS Guard firmware 安全漏洞

Intel Bios is a basic input-output system used by Intel Corporation USA to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in the Intel BIOS Guard firmware that stems from t...

PT-2023-20279 · Intel · Intel Processors

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to an out-of-bounds read in the BIOS firmware for some IntelR Processors. This may allow an authenticated user to potentially enable escalation of privilege v...

PT-2023-27005 · Ami · Ami Aptiov

Name of the Vulnerable Software and Affected Versions: AMI AptioV affected versions not specified Description: The issue is related to improper input validation in the BIOS of AMI AptioV, which can be exploited via the local network. A successful exploit may result in a loss of confidentiality,...

CVE-2023-25937

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

PT-2023-12910 · Hewlett Packard · Hp Bios

Name of the Vulnerable Software and Affected Versions: HP BIOS affected versions not specified Description: A potential Time-of-Check to Time-of-Use TOCTOU issue has been identified in the HP BIOS for certain HP PC products. This may allow for arbitrary code execution, denial of service, and...

Intel Bios 安全漏洞

Intel Bios is a basic input-output system from Intel Corporation USA used to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in Intel Bios. An attacker could exploit the...

HP PC 安全漏洞

HP PC is a computer product of Hewlett-Packard HP Company, USA. The HP PC has a security vulnerability that stems from a potential flaw in the BIOS UEFI firmware that could allow arbitrary code execution...

CVE-2021-26343

Insufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software to disclose the contents of sensitive memory which may result in information disclosure...

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM System Management Mode arbitrary code execution...

PT-2022-23627 · Intel · Intel Nuc 10 Performance Mini Pcs +1

Name of the Vulnerable Software and Affected Versions: IntelR NUC 10 Performance Kits and IntelR NUC 10 Performance Mini PCs versions prior to FNCML357.0053 Description: The issue is related to improper access control in BIOS firmware, which may allow a privileged user to enable escalation of...

HP PC 安全漏洞

HP PC is a computer product of Hewlett-Packard HP Company, USA. A security vulnerability exists in the HP PC BIOS that allows privilege escalation, arbitrary code execution, unauthorized code execution, denial of service, and information disclosure...

Intel(R) Processors Elevation of Privilege Vulnerability

Intel Microprocessors are microprocessor CPU products from the American company Intel. Intel Processors suffers from an elevation of privilege vulnerability that stems from the fact that the use of potentially dangerous functionality in the Intel BIOS platform sample code could allow an...

reblog

Defeating a Laptop's BIOS Password We found a laptop laying a...