Lucene search
K

177 matches found

NVD
NVD
added 2024/12/27 2:15 p.m.29 views

CVE-2024-53194

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and commit 59a54c5f3dbd "thunderbolt: Res...

7.8CVSS0.0023EPSS
Exploits0References11
CVE
CVE
added 2024/12/27 1:49 p.m.202 views

CVE-2024-53194

CVE-2024-53194 is a Linux kernel use-after-free vulnerability in PCI hot‑remove handling. A pci_slot may reference the underlying pci_bus after the bus has been destroyed if pciehp is unbound in the wrong order, causing a use-after-free when slot->bus is accessed. The root cause is missing a r...

7.8CVSS6.9AI score0.0023EPSS
Exploits0References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.7 views

The vulnerability of the performance and status collection utility in HP One Agent, a microprogramming software for HP laptops, allows attackers to enhance their privileges.

The vulnerability of the HP One Agent performance and status monitoring tool for laptop HP microcomputer software involves the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges...

8CVSS5.5AI score0.00166EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/09/27 1:15 p.m.7 views

UBUNTU-CVE-2024-46859

In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF array with index values of 0 - SINFCURBRIGHT0x0d without checking that the SINF array is big enough...

7.8CVSS6.4AI score0.00217EPSS
Exploits0References19
BDU FSTEC
BDU FSTEC
added 2024/09/11 12:0 a.m.7 views

The vulnerability of BIOS microprogramming software in Dell laptops, related to the use of default account information, allows attackers to circumvent existing security restrictions and execute arbitrary code.

The vulnerability of BIOS microprogramming systems in Dell laptops relates to the use of default login credentials. Exploiting this vulnerability can allow attackers to bypass existing security restrictions and execute arbitrary code...

8.2CVSS5.8AI score0.00203EPSS
Exploits0References3Affected Software11
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.10 views

The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.

The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

6.8CVSS5.8AI score0.00168EPSS
Exploits0References3Affected Software24
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.7 views

The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.

The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2Affected Software24
Ubuntu
Ubuntu
added 2024/06/10 4:9 p.m.160 views

USN-6818-2: Linux kernel (ARM laptop) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.00665EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.8 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2024/03/21 1:12 p.m.68 views

USN-6707-2: Linux kernel (ARM laptop) vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.4 views

PT-2024-2542 · Lenovo · Lenovo Laptops

Name of the Vulnerable Software and Affected Versions: Lenovo laptops affected versions not specified Description: The issue is related to the implementation of System Management Mode SMM in Lenovo laptop firmware, which is associated with insufficient input validation. This could allow an attack...

5.3CVSS7.4AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/19 8:3 p.m.4 views

CVE-2023-38541

Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.2AI score0.00131EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/12/20 5:35 p.m.7 views

laptops-ausleihen.de Improper Access Control vulnerability OBB-3819242

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/10 9:0 p.m.9 views

laptops-miete.de Improper Access Control vulnerability OBB-3776757

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/10 9:0 p.m.14 views

laptops-mieten.de Improper Access Control vulnerability OBB-3776758

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/01 7:1 p.m.7 views

laptops-leihen.de Improper Access Control vulnerability OBB-3771255

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/05/08 3:29 p.m.12 views

AI Hacking Village at DEF CON This Year

At DEF CON this year, Anthropic, Google, Hugging Face, Microsoft, NVIDIA, OpenAI and Stability AI will all open up their models for attack. The DEF CON event will rely on an evaluation platform developed by Scale AI, a California company that produces training for AI applications. Participants wi...

6.9AI score
Exploits0
0day.today
0day.today
added 2023/04/03 12:0 a.m.249 views

HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Vulnerability

Exploit Title: HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Exploit Author : Wim Jaap van Vliet Vendor Homepage: www.clevo.com.tw Software Link: https://enstrong.blob.core.windows.net/en-driver/PDXXPNX1/Others/CC301006.zip Version: 2.1.0.6 Tested on: Windows 11 Pro...

7.4AI score
Exploits0
Rows per page
Query Builder