2441 matches found
HPE System Management - Cross-Site Scripting
HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...
HP System Management Homepage (SMH) v2.x.x.x - Open Redirect
Open redirect vulnerability in red2301.html in HP System Management Homepage SMH 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. id: CVE-2010-1586 info: name: HP System Management Homepage SMH v2.x.x.x - Open...
CVE-2026-10590
CVE-2026-10590 describes a potential local privilege escalation where an attacker could abuse WMI commands to trigger a System Management Interrupt (SMI) handler due to missing authentication. The CVSS data indicates a LOCAL attack with HIGH privileges required, no user interaction, and potential...
EUVD-2026-44982
A potential missing authentication vulnerability could allow a local privileged attacker to use WMI commands to arbitrarily trigger a System Management Interrupt handler...
EUVD-2026-44981
A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode...
CVE-2026-10589
Technical details (affected product, component, versions, exploitability) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-10589
A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode...
CVE-2026-10588
A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...
CVE-2026-10588
Technical details (affected products/components/root cause/fix) are not provided in the supplied documents. Monitor Lenovo advisories and CVE records for updates.
EUVD-2026-44980
A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...
EUVD-2026-44979
A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...
CVE-2026-10587
A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...
CVE-2026-10587
CVE-2026-10587 is described in connected documents as a potential out-of-bounds write vulnerability that could allow a local privileged attacker to modify power management settings in System Management Mode. The root cause is an out-of-bounds write; impact is indicated as high on integrity and av...
CVE-2026-52948
A flaw was found in the Linux kernel's I2C Inter-Integrated Circuit subsystem. A malicious local user can exploit an integer overflow vulnerability in the I2CTIMEOUT ioctl. By providing a large timeout value, the multiplication by 10 causes an overflow, leading to a truncated value. This results ...
SUSE CVE-2026-52948
In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2CTIMEOUT ioctl While fuzzing with Syzkaller, a persistent scheduletimeout: wrong timeout value warning was observed, accompanied by SMBus controller state machine corruption. The I2CTIMEOUT...
SUSE CVE-2026-0438
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
Linux Distros Unpatched Vulnerability : CVE-2026-0438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user...
CVE-2025-10238
During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...
CVE-2025-10238
During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...
CVE-2025-10238
During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...