Lucene search
K

112 matches found

OSV
OSV
added 2023/02/16 9:15 p.m.5 views

CVE-2022-29493

Uncaught exception in webserver for the Integrated BMC in some IntelR platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access...

4.9CVSS5.8AI score0.00514EPSS
Exploits0References1
OSV
OSV
added 2023/02/16 9:15 p.m.5 views

CVE-2022-29494

Improper input validation in firmware for OpenBMC in some IntelR platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access...

6.5CVSS5.8AI score0.00642EPSS
Exploits0References1
NVD
NVD
added 2023/02/16 9:15 p.m.20 views

CVE-2022-29494

Improper input validation in firmware for OpenBMC in some IntelR platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access...

6.5CVSS6.3AI score0.00642EPSS
Exploits0References1
Prion
Prion
added 2023/02/16 9:15 p.m.15 views

Input validation

Improper input validation in firmware for OpenBMC in some IntelR platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access...

4CVSS6.3AI score0.00642EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/02/16 9:15 p.m.19 views

Design/Logic Flaw

Uncaught exception in webserver for the Integrated BMC in some IntelR platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access...

3.3CVSS4.9AI score0.00514EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/16 8:0 p.m.44 views

CVE-2022-29493

Uncaught exception in webserver for the Integrated BMC in some IntelR platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access...

4.5CVSS5.3AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2023/02/16 8:0 p.m.47 views

CVE-2022-29494

CVE-2022-29494 affects OpenBMC firmware on some Intel platforms. The issue is an improper input validation in the firmware before versions egs-0.91-179 and bhs-04-45, which may allow an authenticated user to cause a denial of service over the network. Affected products include OpenBMC on Intel pl...

6.5CVSS6.8AI score0.00642EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/16 8:0 p.m.9 views

CVE-2022-29494

Improper input validation in firmware for OpenBMC in some IntelR platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access...

6.5CVSS6.4AI score0.00642EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/16 8:0 p.m.28 views

CVE-2022-35729

Out of bounds read in firmware for OpenBMC in some IntelR platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access...

7.5CVSS7.6AI score0.00694EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.2 views

PT-2023-12972 · Intel · Openbmc

Name of the Vulnerable Software and Affected Versions: OpenBMC versions prior to egs-0.91-179 OpenBMC versions prior to bhs-04-45 Description: The issue is related to improper input validation in the firmware for OpenBMC in some Intel platforms, which may allow an authenticated user to potentiall...

6.5CVSS6.2AI score0.00642EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.7 views

PT-2023-13447 · Openbmc · Openbmc

Name of the Vulnerable Software and Affected Versions: OpenBMC versions prior to 0.72 Description: The issue is an out of bounds read in the firmware for OpenBMC in some Intel platforms, which may allow an unauthenticated user to potentially enable denial of service via network access...

7.5CVSS7.3AI score0.00694EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.5 views

SUSE CVE-2011-1476

Integer underflow in the Open Sound System OSS subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service memory corruption by leveraging write access to /dev/sequencer...

4CVSS6.2AI score0.00425EPSS
Exploits1References12
NVD
NVD
added 2022/11/22 2:15 a.m.29 views

CVE-2022-35407

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...

7.8CVSS0.0023EPSS
Exploits0References2
Prion
Prion
added 2022/11/22 2:15 a.m.18 views

Stack overflow

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...

4.3CVSS7.9AI score0.0023EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.6 views

PT-2022-22808 · Insyde · Insydeh2O

Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.0 through 5.5 Description: A stack buffer overflow issue in the SetupUtility driver on Intel platforms leads to arbitrary code execution. This allows an attacker to change the values of certain UEFI variables by...

7.8CVSS7.8AI score0.0023EPSS
Exploits0References5
CVE
CVE
added 2022/11/22 12:0 a.m.67 views

CVE-2022-35407

The CVE concerns InsydeH2O’s SetupUtility driver on Intel platforms, affected versions 5.0–5.5. A stack buffer overflow from handling two UEFI variables allows arbitrary code execution when the second variable exceeds the first, enabling modification of certain UEFI variables. Impact is local, wi...

7.8CVSS7.9AI score0.0023EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.6 views

CVE-2022-35407

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...

7.9AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.28 views

CVE-2022-35407

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...

8.1AI score0.0023EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 10:15 p.m.6 views

CVE-2022-29277

Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.00...

8.8CVSS5.9AI score0.00194EPSS
Exploits0References2
Intel
Intel
added 2020/09/08 12:0 a.m.34 views

Intel BIOS Advisory

Summary: Potential security vulnerabilities in BIOS firmware for multiple Intel Platforms may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-24457...

7.6CVSS7AI score0.0039EPSS
Exploits0
Rows per page
Query Builder