177 matches found
CVE-2024-53194
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and commit 59a54c5f3dbd "thunderbolt: Res...
CVE-2024-53194
CVE-2024-53194 is a Linux kernel use-after-free vulnerability in PCI hot‑remove handling. A pci_slot may reference the underlying pci_bus after the bus has been destroyed if pciehp is unbound in the wrong order, causing a use-after-free when slot->bus is accessed. The root cause is missing a r...
The vulnerability of the performance and status collection utility in HP One Agent, a microprogramming software for HP laptops, allows attackers to enhance their privileges.
The vulnerability of the HP One Agent performance and status monitoring tool for laptop HP microcomputer software involves the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges...
UBUNTU-CVE-2024-46859
In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF array with index values of 0 - SINFCURBRIGHT0x0d without checking that the SINF array is big enough...
The vulnerability of BIOS microprogramming software in Dell laptops, related to the use of default account information, allows attackers to circumvent existing security restrictions and execute arbitrary code.
The vulnerability of BIOS microprogramming systems in Dell laptops relates to the use of default login credentials. Exploiting this vulnerability can allow attackers to bypass existing security restrictions and execute arbitrary code...
The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.
The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.
The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
USN-6818-2: Linux kernel (ARM laptop) vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
USN-6707-2: Linux kernel (ARM laptop) vulnerabilities
Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
PT-2024-2542 · Lenovo · Lenovo Laptops
Name of the Vulnerable Software and Affected Versions: Lenovo laptops affected versions not specified Description: The issue is related to the implementation of System Management Mode SMM in Lenovo laptop firmware, which is associated with insufficient input validation. This could allow an attack...
CVE-2023-38541
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
laptops-ausleihen.de Improper Access Control vulnerability OBB-3819242
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
laptops-miete.de Improper Access Control vulnerability OBB-3776757
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
laptops-mieten.de Improper Access Control vulnerability OBB-3776758
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
laptops-leihen.de Improper Access Control vulnerability OBB-3771255
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
AI Hacking Village at DEF CON This Year
At DEF CON this year, Anthropic, Google, Hugging Face, Microsoft, NVIDIA, OpenAI and Stability AI will all open up their models for attack. The DEF CON event will rely on an evaluation platform developed by Scale AI, a California company that produces training for AI applications. Participants wi...
HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Vulnerability
Exploit Title: HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Exploit Author : Wim Jaap van Vliet Vendor Homepage: www.clevo.com.tw Software Link: https://enstrong.blob.core.windows.net/en-driver/PDXXPNX1/Others/CC301006.zip Version: 2.1.0.6 Tested on: Windows 11 Pro...