CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added last week•6 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

NVD•added 2026/06/10 3:16 p.m.•6 views

CVE-2025-10238

8.4CVSS0.00121EPSS

Vulnrichment•added 2026/06/10 2:11 p.m.•6 views

CVE-2025-10238

Cvelist•added 2026/06/10 2:11 p.m.•30 views

CVE-2025-10238

8.4CVSS0.00121EPSS

EUVD•added 2026/06/10 2:11 p.m.•7 views

EUVD-2025-210108

CVE•added 2026/06/10 2:11 p.m.•7 views

CVE-2025-10238

The CVE-2025-10238 entry documents a potential out-of-bounds write in the BIOS of some ThinkPad products that could allow a privileged local user to execute code in System Management Mode (SMM). Affected software/hardware is ThinkPad BIOS; the underlying cause is described as an out-of-bounds wri...

CNNVD•added 2026/06/10 12:0 a.m.•4 views

Lenovo ThinkPad 缓冲区错误漏洞

The Lenovo ThinkPad is a portable computer by the company Lenovo. The Lenovo ThinkPad has a buffer error vulnerability, which stems from an out-of-bounds write issue in the BIOS. This vulnerability may allow privileged local users to execute code in the system management mode...

8.4CVSS5.9AI score0.00121EPSS

Positive Technologies•added 2026/06/10 12:0 a.m.•7 views

PT-2026-48431

RedhatCVE•added 2026/06/05 7:25 p.m.•6 views

CVE-2026-0438

A flaw was found in microcodectl. A System Management Mode SMM handler, a special CPU operating mode, could allow a callout to untrusted memory. A highly privileged attacker, with active user interaction and specific preconditions, could exploit this to execute arbitrary code within SMM. This cou...

6.8CVSS5.8AI score0.00139EPSS

Exploits0References5

RedhatCVE•added 2026/06/05 6:48 p.m.•6 views

CVE-2024-36343

Improper input validation in the System Management Mode SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment TSEG memory region, potentially resulting in loss of confidentiality or integrity...

4.6CVSS5.7AI score0.00186EPSS

RedhatCVE•added 2026/06/05 6:48 p.m.•8 views

CVE-2024-36345

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

4.6CVSS5.4AI score0.00108EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared The MMU context should be immediately reset when the SMM flag of the vCPU is cleared, so that the SMM flag in the MMU context is always synchronized with th...

6.6CVSS6AI score0.00232EPSS

EUVD•added 2026/05/20 12:31 a.m.•8 views

EUVD-2024-55591

NVD•added 2026/05/19 10:16 p.m.•8 views

Exploits0References3

CVE-2024-36343

4.6CVSS0.00186EPSS

ATTACKERKB•added 2026/05/19 9:3 p.m.•8 views

CVE-2024-36343

Vulnrichment•added 2026/05/19 9:3 p.m.•12 views

Exploits0References3

CVE-2024-36343

Cvelist•added 2026/05/19 9:3 p.m.•26 views

CVE-2024-36343

4.6CVSS0.00186EPSS

CVE•added 2026/05/19 9:3 p.m.•10 views

CVE-2024-36343

CVE-2024-36343 describes improper input validation in the System Management Mode (SMM) communications buffer, enabling a privileged attacker to perform an out-of-bounds read or write in a limited portion of the Top of Memory Segment (TSEG) on AMD platforms. The issue can impact confidentiality an...