38 matches found
EUVD-2019-15739
Malware in sbrugna...
EUVD-2019-15737
Malware in sbrugna...
EUVD-2020-29188
Malware in sbrugna...
EUVD-2021-34069
Malicious code in bioql PyPI...
CVE-2021-3786
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range...
CVE-2020-8354
A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution...
CVE-2019-6172
A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution...
CVE-2019-6170
A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution...
CVE-2023-43570
A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code...
CVE-2021-4212
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-4210
A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code...
Code injection
A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-4212
CVE-2021-4212 describes a local-privilege escalation vulnerability in the SMI callback function used by the Legacy BIOS mode driver on some Lenovo Notebook models. The issue could allow an attacker with local access and elevated privileges to execute arbitrary code. The affected component is the ...
CVE-2021-4211
A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-4210
CVE-2021-4210 is tied to a vulnerability in the SMI callback function of the NVMe driver on Lenovo Desktop, ThinkStation, and ThinkEdge models. The connected documents describe that a local attacker with elevated privileges could execute arbitrary code via this flaw. The exploitation details are ...
CVE-2021-3786
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range...
Code injection
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range...
CVE-2021-3786
CVE-2021-3786 concerns Lenovo notebook/ThinkPad systems with a vulnerable SMI callback in the CSME configuration. The issue is a potential flaw in the SMI callback function that could allow leaking data from the SMRAM range. Public records describe this as a data leakage risk affecting confidenti...
CVE-2021-3719
CVE-2021-3719 concerns a vulnerability in the SMI callback that handles boot script tables for resuming from sleep state on Lenovo ThinkCentre and ThinkStation desktops/workstations. The issue could let an attacker with local access and elevated privileges execute arbitrary code by exploiting the...
PT-2021-21565 · Lenovo · Lenovo Thinkstation +1
Name of the Vulnerable Software and Affected Versions: Lenovo ThinkCentre and ThinkStation models affected versions not specified Description: A potential issue in the SMI callback function that handles boot script tables for resuming from sleep state may allow an attacker with local access and...