‼ CVE-2021-43615 ‼
📖 Read
via "National Vulnerability Database".
SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42060 ‼
📖 Read
via "National Vulnerability Database".
SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42554 ‼
📖 Read
via "National Vulnerability Database".
SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41838 ‼
📖 Read
via "National Vulnerability Database".
An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer "ptr" to read or write or manipulate data in the SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23833 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24030 ‼
📖 Read
via "National Vulnerability Database".
SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41839 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This can be used by an attacker to overwrite address location of any of the functions (FreePool,LocateHandleBuffer,HandleProtocol) to the address location of arbitrary code controlled by the attacker. On system call to SWSMI handler, the arbitrary code can be triggered to execute.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23873 ‼
📖 Read
via "National Vulnerability Database".
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23357 ‼
📖 Read
via "National Vulnerability Database".
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5953 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42113 ‼
📖 Read
via "National Vulnerability Database".
SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22818 ‼
📖 Read
via "National Vulnerability Database".
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41837 ‼
📖 Read
via "National Vulnerability Database".
An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer "current_ptr" to read or write or manipulate data into SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23871 ‼
📖 Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41840 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This allows an attacker who is capable of executing code in DXE phase to exploit this vulnerability to escalate privileges to SMM. The attacker can overwrite the LocateProtocol or Freepool memory address location to execute unwanted code.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33627 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42059 ‼
📖 Read
via "National Vulnerability Database".
Stack overflow vulnerability that allows a local root user to access UEFI DXE driver and execute arbitrary code.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43323 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41841 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variables EFI_BOOT_SERVICES and EFI_RUNTIME_SERVICES. This can be used by an attacker to overwrite address location of the function (LocateHandleBuffer) to the address location of arbitrary code controlled by the attacker. On system call to SWSMI handler, the arbitrary code can be triggered to execute.📖 Read
via "National Vulnerability Database".
🗓️ SnapFuzz: New fuzzing tool speeds up testing of network applications 🗓️
📖 Read
via "The Daily Swig".
Though still in its early stages, SnapFuzz is already showing some promising results📖 Read
via "The Daily Swig".
‼ CVE-2022-23568 ‼
📖 Read
via "National Vulnerability Database".
Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.📖 Read
via "National Vulnerability Database".