Vulnerabilities > Gigabyte > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-12-21 CVE-2018-19323 Unspecified vulnerability in Gigabyte products
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
network
low complexity
gigabyte
critical
9.8
2018-07-09 CVE-2017-3198 Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware
GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware.
network
low complexity
gigabyte CWE-311
critical
9.8
2018-07-09 CVE-2017-3197 Improper Input Validation vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features.
network
low complexity
gigabyte CWE-20
critical
9.8