CVE-2024-45105

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-825
View all →

Vulnerability Description

An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.

Related Vulnerabilities

CVE-2024-23638

MEDIUM
CVSS:6.5(Medium)

Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This proble...

CWE-8252024

CVE-2025-30653

MEDIUM
CVSS:6.5(Medium)

An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service ...

CWE-8252025

CVE-2019-15691

HIGH
CVSS:7.2(High)

TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder ...

CWE-8252019

CVE-2023-20212

HIGH
CVSS:7.5(High)

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic ...

CWE-8252023

CVE-2024-28889

MEDIUM
CVSS:5.9(Medium)

When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Managem...

CWE-8252024

CVE-2024-39792

HIGH
CVSS:7.5(High)

When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

CWE-8252024