Lucene search
K

5587 matches found

Cvelist
Cvelist
added 2026/06/25 8:38 a.m.31 views

CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

0.00129EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52234

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel within the drm/amd/display component. Record-chain walk loops in bios parser.c and bios parser2.c utilize for;; loops that only terminate upon...

8.8CVSS6AI score0.00247EPSS
Exploits0References380
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: hp-bioscfg: Fixed kernel panic in the GETINSTANCEID macro. The GETINSTANCEID macro caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used name without checking whether...

5.5CVSS6AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dm: Clearing the clone request’s bio pointer when the last cloned bio is freed It was observed that stale values of rq-bio could lead to double initialization of cloned bios in request-based device-mapper targets, resulting in...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before the BIOS version MR7 may allow a local attacker to potentially enable information disclosure through local access...

5.5CVSS6.3AI score0.00306EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/17 2:30 a.m.16 views

SUSE CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS5.3AI score0.00123EPSS
Exploits0References3
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/17 12:0 a.m.5 views

HPESBHF05071 rev.1 - Certain HPE SimpliVity AMD Servers Using Certain AMD EPYC Processors, AMD-SB-3039: AMD Secure Processor (ASP) Non-Coherent Memory Access Vulnerability

Potential Security Impact: Local: Compromise of System Integrity SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen11 - Prior to SimpliVity Gen11 Support Pack SVTSP - 2026-0605 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-54509...

4CVSS6.1AI score0.00127EPSS
Exploits0
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/17 12:0 a.m.5 views

HPESBHF05055 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01413, UEFI Reference Firmware Advisory, Local Disclosure of Information Vulnerability

Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen11 - Prior to SimpliVity Gen11 Support Pack SVTSP 2026-0605 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-35991 |...

5.6CVSS6.1AI score0.00095EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 12:32 a.m.11 views

EUVD-2024-55617

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 11:16 p.m.9 views

CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 9:54 p.m.22 views

CVE-2024-21944

CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research show BadRAM-style exploits that can cause a memory module to misreport size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 9:54 p.m.28 views

CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.14 views

CVE-2026-40639

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.7CVSS5.4AI score0.00119EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 2:11 p.m.12 views

EUVD-2025-210108

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 2:11 p.m.10 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

Lenovo ThinkPad 缓冲区错误漏洞

The Lenovo ThinkPad is a portable computer by the company Lenovo. The Lenovo ThinkPad has a buffer error vulnerability, which stems from an out-of-bounds write issue in the BIOS. This vulnerability may allow privileged local users to execute code in the system management mode...

8.4CVSS5.9AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 7:17 p.m.27 views

CVE-2026-40639

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.7CVSS0.00119EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 6:4 p.m.37 views

CVE-2026-40639

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.7CVSS0.00119EPSS
Exploits0References1
Rows per page
Query Builder