Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

CVE-2022-34390: DSA-2022-269: Dell Client Platform BIOS Security Update for Alienware Area-51 R4/R5

Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

CVE
#vulnerability#ios#intel#bios#auth#dell
CVE-2022-32483: DSA-2022-248: Dell Client BIOS Security Update

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Intel Processor UEFI Source Code Leaked

Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.

CVE-2022-32492: DSA-2022-169: Dell Client Precision 5820, 7820, and 7920 Tower BIOS Security Update

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Intel Confirms Leak of Alder Lake BIOS Source Code

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface (UEFI) code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021. In a statement shared with

CVE-2022-36635

ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do.

CVE-2022-36634: ZKBioSecurity 3.0.5- Privilege Escalation to Admin (CVE-2022-36634)

An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request.

ZKSecurity BIO 3.0.5.0_R Privilege Escalation

ZKSecurity BIO version 3.0.5.0_R suffers from a privilege escalation vulnerability.

ZKSecurity BIO 4.1.2 SQL Injection / Code Execution

ZKSecurity BIO version 4.1.2 suffers from a remote SQL injection vulnerability that can allow for remote code execution.

2K Games Help Desk Platform Hacked to Spread Info-stealing Malware

By Deeba Ahmed Famous publisher 2K Games’ helpdesk platform was hacked where the attackers attempted to distribute malware to gamers’ devices.… This is a post from HackRead.com Read the original post: 2K Games Help Desk Platform Hacked to Spread Info-stealing Malware