CVE-2021-46772

LOW Year: 2021
CVSS v3 Score
3.9
Low
Weakness Type
CWE-125
View all →

Vulnerability Description

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.

Related Vulnerabilities

CVE-2019-5296

LOW
CVSS:3.9(Low)

Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insuf...

CWE-1252019

CVE-2020-29443

LOW
CVSS:3.9(Low)

ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.

CWE-1252020

CVE-2023-22656

LOW
CVSS:3.9(Low)

Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-1252023

CVE-2024-32667

LOW
CVSS:3.9(Low)

Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access.

CWE-1252024

CVE-2020-11947

LOW
CVSS:3.8(Low)

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

CWE-1252020

CVE-2020-17390

LOW
CVSS:3.8(Low)

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code o...

CWE-1252020