CVE-2021-33124

Out-of-bounds write in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...

CVE-2021-0159

Improper input validation in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...

EUVD-2021-19818

Malware in sbrugna...

EUVD-2022-39053

Malicious code in bioql PyPI...

CVE-2020-8739

Use of potentially dangerous function in Intel BIOS platform sample code for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-36337

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code...

Stack overflow

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code...

CVE-2022-36337

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code...

CVE-2022-36337

CVE-2022-36337 affects Insyde InsydeH2O, with kernel 5.0–5.5. A stack buffer overflow in the MebxConfiguration driver can cause arbitrary code execution when a UEFI variable is read by BIOS code, potentially enabling local compromise. Remediation guidance present in PT-2022-23314 suggests tempora...

CVE-2021-0159

Improper input validation in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...

CVE-2021-33124

Out-of-bounds write in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...

CVE-2018-3639 - Citrix XenServer Security Update

Description of Problem CVE-2018-3639 Speculative Store Bypass Disable is an issue that may affect third-party software that runs in guest VMs on Citrix XenServer. This is not an issue caused by Citrix XenServer and Citrix is unaware of any means of exploiting this issue against XenServer itself...

The vulnerability affects the implementation of the AMD Secure Processor technology in CPUs such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server. This allows malicious code to be injected into a computer’s BIOS.

The vulnerability of AMD Secure Processor-based processors, such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server, stems from the absence of a mechanism for detecting damage to flash memory contents. Exploiting this vulnerability allows an attacker who has access to the targeted computer and...

The vulnerability affects the implementation of the AMD Secure Processor technology in CPUs such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server. This allows malicious code to be injected into a computer’s BIOS.

The vulnerability of AMD Secure Processor-based processors, such as Ryzen, Ryzen Pro, Ryzen Mobile, and EPYC Server, stems from the absence of a mechanism for detecting damage to flash memory contents. Exploiting this vulnerability allows an attacker who has access to the targeted computer and...

BIOS Code Execution Vulnerability in Multiple Lenovo Products

The Lenovo 320-17AST and others are computer products from the Chinese company Lenovo.BIOS is one of the basic output-input systems. A security vulnerability exists in the BIOS of several Lenovo products, which stems from the program's failure to properly configure write protection. The...