CVE-2025-33182

NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service...

SMM Memory Corruption Vulnerability in the AMI Aptio's SMM Module Across Multiple Devices

Overview System Management Mode SMM memory corruption vulnerabilities have been identified in UEFI modules present in AMI Aptio UEFI firmware. An attacker could exploit this vulnerability to elevate privileges and execute arbitrary code in the highly privileged SMM environment. Users should apply...

CVE-2024-37976

CVE-2024-37976 is described as a Windows EFI Partition vulnerability: a security feature bypass (Circumvention of security measure) with CVSS 3.1 base score 6.7 (LOCAL, LOW attack complexity, HIGH privileges required, no user interaction). The connected data specifies affected component as Window...

edk2: Predictable TCP Initial Sequence Numbers

A security flaw has been identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker to potentially disclose sensitive information...