Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.5 views

CVE-2022-1108

A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code...

7.2CVSS7.2AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2023/06/26 8:15 p.m.4 views

CVE-2023-2290

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS6AI score0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/22 9:15 p.m.5 views

CVE-2022-1108

A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code...

7.2CVSS7.2AI score0.0024EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.9 views

The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of the SPI Flash interface, allows attackers to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.

The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of the SPI Flash interface. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connected...

7.6CVSS5.5AI score
Exploits0References3Affected Software1
OSV
OSV
added 2019/06/05 7:29 p.m.3 views

CVE-2019-7672

Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...

8.8CVSS7.3AI score
Exploits0References4
OSV
OSV
added 2017/07/17 1:18 p.m.2 views

CVE-2017-3080

Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure...

6.5CVSS5.8AI score
Exploits0References5
Rows per page
Query Builder