CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2022/11/15 12:0 a.m.•1 views

Insyde InsydeH2O 代码问题漏洞

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O 5.1 to 5.5, which stems from incorrect...

8.2CVSS7.8AI score0.00051EPSS

Exploits0References3

CVE•added 2022/11/15 12:0 a.m.•69 views

CVE-2022-29278

The CVE-2022-29278 entry involves the NvmExpressDxe driver with incorrect pointer checks that can allow tampering with SMRAM and OS memory. This vulnerability is documented across multiple security trackers (e.g., Insyde InsydeH2O BIOS context) and is tied to specific fixed kernel versions: 5.1 -...

8.2CVSS8.1AI score0.00051EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/11/15 12:0 a.m.•7 views

CVE-2022-29278

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

7.3AI score0.00051EPSS

Vulnrichment•added 2022/11/15 12:0 a.m.•9 views

CVE-2022-29277

7.3AI score0.00049EPSS

Cvelist•added 2022/11/15 12:0 a.m.•15 views

CVE-2022-29277

8.9AI score0.00049EPSS

CNNVD•added 2022/08/12 12:0 a.m.•0 views

Google Android 代码问题漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android 13, which stems from a lack of null pointer checking. The vulnerability is exploited by an attacker to remotely deny service without requiring additiona...

6.5CVSS6.6AI score0.00159EPSS

BDU FSTEC•added 2022/06/17 12:0 a.m.•2 views

The vulnerability of the Microsoft Silverlight software platform, related to insufficient checking of pointers for access to elements, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Silverlight software platform lies in the insufficient checking of pointers used to access elements in memory when processing objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially...

5.3CVSS0.84714EPSS

Exploits5References11Affected Software1

BDU FSTEC•added 2022/06/09 12:0 a.m.•2 views

The vulnerability of the Microsoft Silverlight software platform, related to insufficient checking of pointers, allows a perpetrator to execute arbitrary code or gain access to read, modify, or delete data.

The vulnerability of the Microsoft Silverlight software platform lies in the insufficient checking of pointers used to access elements when processing HTML objects. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain access to read, modify, or delete data by running...

9.3CVSS0.93187EPSS

Exploits8References6Affected Software1

OSV•added 2021/06/04 7:48 p.m.•7 views

UVI-2021-1000618 gve: Add NULL pointer checks when freeing irqs.

gve: Add NULL pointer checks when freeing irqs. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...

OSV•added 2021/06/04 7:41 p.m.•9 views

UVI-2021-1000579 gve: Add NULL pointer checks when freeing irqs.

OSV•added 2021/06/04 7:34 p.m.•7 views

UVI-2021-1000533 gve: Add NULL pointer checks when freeing irqs.

OSV•added 2021/06/04 7:34 p.m.•12 views

GSD-2021-1000533 gve: Add NULL pointer checks when freeing irqs.

OSV•added 2021/05/31 11:48 p.m.•10 views

GSD-2021-1000511 scsi: qedf: Add pointer checks in qedf_update_link_speed()

scsi: qedf: Add pointer checks in qedfupdatelinkspeed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.40 by commit...

OSV•added 2021/05/31 11:48 p.m.•6 views

UVI-2021-1000511 scsi: qedf: Add pointer checks in qedf_update_link_speed()

OSV•added 2021/05/31 11:46 p.m.•13 views

GSD-2021-1000500 scsi: qedf: Add pointer checks in qedf_update_link_speed()