Lucene search
+L

2441 matches found

Nuclei
Nuclei
added yesterday40 views

HPE System Management - Cross-Site Scripting

HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

5.4CVSS6.3AI score0.04601EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday122 views

HP System Management Homepage (SMH) v2.x.x.x - Open Redirect

Open redirect vulnerability in red2301.html in HP System Management Homepage SMH 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. id: CVE-2010-1586 info: name: HP System Management Homepage SMH v2.x.x.x - Open...

4.3CVSS5.5AI score0.10296EPSS
Exploits1References3
CVE
CVE
added 2 days ago9 views

CVE-2026-10590

CVE-2026-10590 describes a potential local privilege escalation where an attacker could abuse WMI commands to trigger a System Management Interrupt (SMI) handler due to missing authentication. The CVSS data indicates a LOCAL attack with HIGH privileges required, no user interaction, and potential...

6.7CVSS6.1AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-44982

A potential missing authentication vulnerability could allow a local privileged attacker to use WMI commands to arbitrarily trigger a System Management Interrupt handler...

6.7CVSS6.1AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44981

A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode...

6.8CVSS6.2AI score0.00161EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-10589

Technical details (affected product, component, versions, exploitability) are not publicly available in the provided documents. Monitor for updates.

6.8CVSS6.2AI score0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-10589

A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode...

6.8CVSS6.2AI score0.00161EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-10588

A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...

6.7CVSS6.1AI score0.00154EPSS
Exploits0References2
CVE
CVE
added 2 days ago11 views

CVE-2026-10588

Technical details (affected products/components/root cause/fix) are not provided in the supplied documents. Monitor Lenovo advisories and CVE records for updates.

6.7CVSS6.1AI score0.00154EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44980

A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...

6.7CVSS6.1AI score0.00154EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44979

A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...

6.8CVSS6.1AI score0.00147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-10587

A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...

6.8CVSS6.1AI score0.00147EPSS
Exploits0References2
CVE
CVE
added 2 days ago8 views

CVE-2026-10587

CVE-2026-10587 is described in connected documents as a potential out-of-bounds write vulnerability that could allow a local privileged attacker to modify power management settings in System Management Mode. The root cause is an out-of-bounds write; impact is indicated as high on integrity and av...

6.8CVSS6.1AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 3:1 p.m.9 views

CVE-2026-52948

A flaw was found in the Linux kernel's I2C Inter-Integrated Circuit subsystem. A malicious local user can exploit an integer overflow vulnerability in the I2CTIMEOUT ioctl. By providing a large timeout value, the multiplication by 10 causes an overflow, leading to a truncated value. This results ...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:15 a.m.6 views

SUSE CVE-2026-52948

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2CTIMEOUT ioctl While fuzzing with Syzkaller, a persistent scheduletimeout: wrong timeout value warning was observed, accompanied by SMBus controller state machine corruption. The I2CTIMEOUT...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/16 2:24 a.m.10 views

SUSE CVE-2026-0438

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS5.5AI score0.00139EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-0438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user...

5.4CVSS5.7AI score0.00139EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 3:16 p.m.15 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS0.00121EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 2:11 p.m.10 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
Rows per page
Query Builder