15 matches found
CVE-2025-36579
Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access...
EUVD-2024-21085
Malicious code in bioql PyPI...
PT-2025-50082
Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform firmware (affected versions not specified) Description: An information disclosure issue exists when processing system calls with invalid parameters. The issue is related to an unreliable pointer dereference in the...
EDK2 Security Vulnerability
EDK2 is a set of cross-platform firmware development environments based on UEFI and PI specifications from the Tianocore community. A security vulnerability exists in EDK2 that stems from a failure of protection mechanisms in the BIOS, which could lead to the execution of arbitrary code by a loca...
Dell Client Platform BIOS Security Vulnerability
The Dell Client Platform BIOS is a BIOS system developed by Dell for its client devices (e.g., laptops, desktops, etc.). The Dell Client Platform BIOS has a weak authentication vulnerability that can be exploited by an attacker to elevate privileges...
PT-2025-36295
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The Linux kernel contained an issue in the ACPI pfr update functionality. The driver update version check used the runtime version number instead of the security-version-number, causing...
CVE-2023-20510
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service...
PT-2024-24915 · Dell · Dell Client Platform Bios
Name of the Vulnerable Software and Affected Versions: Dell Client Platform BIOS (affected versions not specified) Description: The issue is related to an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially...
2024.1 IPU - Intel® Atom® Processor Advisory
Summary: A potential security vulnerability in some Intel® Atom® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28746 Description: Information exposure through microarchitectural sta...
CVE-2024-23591
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...
CVE-2024-23591
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...
Code injection
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...
CVE-2024-23591
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...
Microarchitectural Data Sampling Advisory
Summary: A potential security vulnerability in CPUs may allow information disclosure. Intel is releasing Microcode Updates (MCU) updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12126 Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some...
UEFI implementations do not properly secure the EFI S3 Resume Boot Path boot script
Overview: Some UEFI systems fail to properly restrict access to the boot script used by the EFI S3 Resume Boot Path, allowing an authenticated, local attacker to bypass various firmware write protections. Description: According to Rafal Wojtczuk of Bromium and Corey Kallenberg of The MITRE...