Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

Privacy Protocol Elusiv Raises $3.5 Million in Seed Funding

By Deeba Ahmed Elusiv protocol offers privacy with compliance to protect Solana users with accessible and compliant privacy. This is a post from HackRead.com Read the original post: Privacy Protocol Elusiv Raises $3.5 Million in Seed Funding

HackRead
Open in Source
#ios#git#bios
Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

RHSA-2022:7201: Red Hat Security Advisory: OpenShift Container Platform 4.11.12 security update

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

CVE-2022-42055: GL.iNET MT300N-V2 Vulnerabilities and Hardware Teardown

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.

CVE-2021-45925: Vulnerabilities in BMC Firmware Affect OT/IoT Device Security – Part 1

Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

CVE-2022-34390: DSA-2022-269: Dell Client Platform BIOS Security Update for Alienware Area-51 R4/R5

Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

CVE-2022-32483: DSA-2022-248: Dell Client BIOS Security Update

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

Intel Processor UEFI Source Code Leaked

Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.

CVE-2022-32492: DSA-2022-169: Dell Client Precision 5820, 7820, and 7920 Tower BIOS Security Update

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.