38 matches found
EUVD-2025-93501
Incorrect default permissions for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable...
CVE-2025-27711
Incorrect default permissions for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable...
CVE-2025-27711
Incorrect default permissions for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable...
CVE-2025-27711
CVE-2025-27711 documents a privilege-escalation issue in Intel® One Boot Flash Update (OFU) software before version 14.1.31. The root cause is incorrect default permissions in OFU running in Ring 3: User Applications, enabling an elevation of privilege by an unprivileged adversary who has an auth...
CVE-2025-27711
Incorrect default permissions for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable...
CVE-2025-25059
Uncontrolled search path for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation ...
CVE-2025-25059
Uncontrolled search path for some IntelR One Boot Flash Update IntelR OFU software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation ...
CVE-2025-25059
Intel OFU (One Boot Flash Update) software prior to version 14.1.31 is affected by an Uncontrolled search path issue that could enable local privilege escalation for Ring 3 user applications. An unprivileged, authenticated user with high complexity and active user interaction may leverage this to...
Intel OFU 安全漏洞
Intel OFU is a flash update application from Intel Corporation USA. A security vulnerability exists in Intel OFU versions prior to 14.1.31, which stems from improperly set default permissions and could result in elevated privileges...
Intel® OFU Software Advisory
Summary: Potential security vulnerabilities for some Intel® One Boot Flash Update Intel® OFU software may allow escalation of privilege. Intel is not releasing updates to mitigate these potential vulnerabilities and has issued a product discontinuation notice for Intel® OFU software. Vulnerabilit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988656 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986856)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986856 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if...
SUSE CVE-2022-49119
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
CVE-2022-49119
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
DEBIAN-CVE-2022-49119
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
CVE-2022-49119 scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
PT-2024-2694 · Intel · Intel One Boot Flash Update
Name of the Vulnerable Software and Affected Versions: Intel One Boot Flash Update OFU versions prior to 14.1.31 Description: The issue is related to a protection mechanism failure in the Intel One Boot Flash Update OFU software, which may allow an authenticated user to potentially enable...
TangleBot Malware Reaches Deep into Android Device Functions
An Android malware called TangleBot has weaved its way onto the cyber-scene: One that researchers said can perform a bouquet of malicious actions, including stealing personal info and controlling apps and device functions. According to Cloudmark researchers, the newly discovered mobile malware is...
TAU Threat Analysis: Bundlore (macOS) mm-install-macos
The mm-install-macos variant of the Bundlore family of macOS adware has been around for many years in many variations and delivery methods. Recently, a variant with a novel installation method was discovered. Although most of the installation details were the same or similar to the samples analyz...
March 2019 Adobe Flash Security Update
This security update addresses minor security fixes, which are described in Adobe Security Bulletin APSB19-12...