15 matches found
EUVD-2021-25020
Malware in sbrugna...
Integer overflow
StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32tmBufferSize-mInputSize even though mInputSize can exceed mBufferSize...
EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2023-1945)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. CVE-2021-38578 Note that Tenable...
EulerOS Virtualization 3.0.2.0 : edk2 (EulerOS-SA-2023-1689)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An unlimited recursion in DxeCore in EDK II. CVE-2021-28210 - NetworkPkg/IScsiDxe has remotely exploitable buffer overflows...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2023:1958-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1958-1 advisory. - Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. CVE-2021-38578 Note that Nessus has not...
ASB-A-221255869
In XMLGetBuffer of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
DEBIAN-CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
Design/Logic Flaw
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
CVE-2021-38578
CVE-2021-38578 affects the EDK II (edk2) firmware development environment. The vulnerability arises in existing CommBuffer checks in SmmEntryPoint, where underflow can occur when computing BufferSize. This underflow can lead to a SMM privilege escalation as described in multiple advisories refere...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...