Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-40134PUBLISHED: 2023-01-30An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2022-40135PUBLISHED: 2023-01-30An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2022-40136PUBLISHED: 2023-01-30An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2022-40137PUBLISHED: 2023-01-30A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2022-48006PUBLISHED: 2023-01-30An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php.
User Rank: Apprentice
6/18/2019 | 5:00:17 AM