CVE-2021-0154
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access....
CVE-2021-0155
Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Read...
CVE-2021-0159
Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via...
CVE-2021-0188
Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation...
CVE-2021-0189
Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via...
SEC Consult SA-20220512-0 :: Sandbox Escape with Root Access & Clear-text passwords in Konica Minolta bizhub MFP Printer Terminals
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 12 SEC Consult Vulnerability Lab Security Advisory < 20220512-0 > ======================================================================= title: Sandbox Escape...
Re: Defense in depth — the Microsoft way (part 80): 25 (in words: TWENTY-FIVE) year old TRIVIAL bug crashes CMD.exe
Posted by Tavis Ormandy on May 12 They're explaining that you need privileges to attack *other* users. I don't think anyone is disputing you can...
USN-5420-1: Vorbis vulnerabilities
It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute...
USN-5419-1: Rsyslog vulnerabilities
It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash. Read More
A Vulnerability in certain HP PC BIOS Could Allow for Local Arbitrary Code Execution
A vulnerability has been discovered in certain HP PC BIOS, which could allow for local arbitrary code execution. The BIOS is a firmware which is...