Lucene search
K

61 matches found

Prion
Prion
added 2023/02/14 8:15 p.m.17 views

Privilege escalation

NT OS Kernel Elevation of Privilege Vulnerability...

4.3CVSS8AI score0.03603EPSS
Exploits0References1Affected Software10
Vulnrichment
Vulnrichment
added 2023/02/14 7:33 p.m.24 views

CVE-2023-21688 NT OS Kernel Elevation of Privilege Vulnerability

...

7.8CVSS7.2AI score0.03603EPSS
Exploits0References1
CVE
CVE
added 2023/02/14 7:33 p.m.131 views

CVE-2023-21688

Technical details about CVE-2023-21688 are not publicly provided in the supplied documents. No concrete information on affected products, root cause, or remediation is available here. Monitor for updates from official sources.

7.8CVSS7.7AI score0.03603EPSS
Exploits0References1Affected Software13
Microsoft CVE
Microsoft CVE
added 2023/02/14 8:0 a.m.41 views

NT OS Kernel Elevation of Privilege Vulnerability

...

7.8CVSS8.8AI score0.03603EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/02/14 12:0 a.m.134 views

KLA20233 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

9.8CVSS9.5AI score0.43172EPSS
Exploits0References52
OSV
OSV
added 2023/01/13 12:15 a.m.5 views

CVE-2023-22395

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In an MPLS scenario specific packets destined to an Integrated Routing and Bridging irb interface of the...

6.5CVSS6.8AI score0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/15 12:0 a.m.30 views

CVE-2022-30772

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrit...

7.9AI score0.00193EPSS
Exploits0References2
CVE
CVE
added 2022/11/15 12:0 a.m.76 views

CVE-2022-30772

Summary: CVE-2022-30772 describes a memory corruption vulnerability in InsydeH2O BIOS/SMM related to the PnpSmm function 0x52. The input address and size passed to the SMBIOS write operation can be manipulated, enabling a malware attacker with local access to potentially overwrite SMRAM or OS ker...

8.2CVSS7.6AI score0.00193EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.6 views

PT-2022-20306 · Insyde · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.41 Kernel 5.1 versions prior to 05.17.43 Kernel 5.2 versions prior to 05.27.30 Kernel 5.3 versions prior to 05.36.30 Kernel 5.4 versions prior to 05.44.30 Kernel 5.5 versions prior to 05.52.30 Description:...

8.2CVSS7.9AI score0.00193EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/15 12:0 a.m.7 views

CVE-2022-30772

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrit...

6.6AI score0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/09 9:15 p.m.31 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA...

7.8CVSS0.0026EPSS
Exploits0References2
Prion
Prion
added 2022/11/09 9:15 p.m.30 views

Out-of-bounds

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA...

4.3CVSS8AI score0.0026EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2022/11/09 9:15 p.m.29 views

Authorization

Insufficient verification of multiple header signatures while loading a Trusted Application TA may allow an attacker with privileges to gain code execution in that TA or the OS/kernel...

4.3CVSS7.9AI score0.00172EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2022/11/09 8:44 p.m.37 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA...

8.4AI score0.0026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/09 8:44 p.m.9 views

CVE-2021-26391

Insufficient verification of multiple header signatures while loading a Trusted Application TA may allow an attacker with privileges to gain code execution in that TA or the OS/kernel...

7.8AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2022/02/03 2:15 a.m.4 views

CVE-2021-33627

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...

8.2CVSS7.7AI score0.00327EPSS
Exploits0References5
NVD
NVD
added 2022/02/03 2:15 a.m.33 views

CVE-2021-33625

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses...

7.5CVSS0.00314EPSS
Exploits0References5
Prion
Prion
added 2022/02/03 2:15 a.m.22 views

Design/Logic Flaw

An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses...

7.2CVSS8AI score0.00327EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/02/03 2:15 a.m.22 views

Design/Logic Flaw

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses...

6.9CVSS7.6AI score0.00314EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2022/02/03 1:55 a.m.89 views

CVE-2021-33625

Mode C: Normal (concrete details present) Vulnerability: InsydeH2O firmware (Kernel 5.x) used by HddPassword suffers an SMM/SMI buffer validation flaw. Software SMI services that use the EFI_SMM_COMMUNICATION_PROTOCOL’s Communicate() do not verify the buffer address, enabling access to SMRAM, MMI...

7.5CVSS7.6AI score0.00314EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder