Search Results (365419 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-32477 1 Insyde 1 Insydeh2o 2025-05-05 7 High
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.
CVE-2022-32475 1 Insyde 1 Insydeh2o 2025-05-05 7 High
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue was fixed in the kernel, which also protected chipset and OEM chipset code.
CVE-2022-32471 1 Insyde 1 Insydeh2o 2025-05-05 7 High
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the command buffer contents with DMA after the input parameters have been checked but before they are used, the IHISI SMM code may be convinced to modify SMRAM or OS, leading to possible data corruption or escalation of privileges.
CVE-2022-32470 1 Insyde 1 Insydeh2o 2025-05-05 7 High
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.
CVE-2022-32469 1 Insyde 1 Insydeh2o 2025-05-05 7 High
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.
CVE-2022-32208 7 Apple, Debian, Fedoraproject and 4 more 21 Macos, Debian Linux, Fedora and 18 more 2025-05-05 5.9 Medium
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
CVE-2022-32206 7 Debian, Fedoraproject, Haxx and 4 more 35 Debian Linux, Fedora, Curl and 32 more 2025-05-05 6.5 Medium
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
CVE-2022-32205 7 Apple, Debian, Fedoraproject and 4 more 29 Macos, Debian Linux, Fedora and 26 more 2025-05-05 4.3 Medium
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
CVE-2022-30944 1 Intel 2 Active Management Technology Firmware, Standard Manageability 2025-05-05 5.5 Medium
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.
CVE-2022-30601 1 Intel 2 Active Management Technology Firmware, Standard Manageability 2025-05-05 9.8 Critical
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.
CVE-2022-29593 1 Dingtian-tech 2 Dt-r004, Dt-r004 Firmware 2025-05-05 5.9 Medium
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
CVE-2022-28709 1 Intel 2 Ethernet Controller E810, Ethernet Controller E810 Firmware 2025-05-05 4.4 Medium
Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access.
CVE-2022-28697 1 Intel 2 Active Management Technology Firmware, Standard Manageability 2025-05-05 6.8 Medium
Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVE-2022-28696 1 Intel 1 Distribution For Python 2025-05-05 7.8 High
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-28388 5 Debian, Fedoraproject, Linux and 2 more 22 Debian Linux, Fedora, Linux Kernel and 19 more 2025-05-05 5.5 Medium
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28356 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-05-05 5.5 Medium
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
CVE-2022-27500 1 Intel 1 Support 2025-05-05 5.5 Medium
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-26373 3 Debian, Intel, Redhat 987 Debian Linux, Celeron 5305u, Celeron 5305u Firmware and 984 more 2025-05-05 5.5 Medium
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-26074 1 Intel 1 Server Platform Services Firmware 2025-05-05 4.4 Medium
Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.
CVE-2022-26017 1 Intel 1 Driver \& Support Assistant 2025-05-05 8 High
Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.