Vulnerabilities > Gigabyte > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-21 | CVE-2018-19323 | Unspecified vulnerability in Gigabyte products The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs). | 9.8 |
2018-07-09 | CVE-2017-3198 | Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. | 10.0 |
2018-07-09 | CVE-2017-3197 | Improper Input Validation vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. | 10.0 |
2010-08-02 | CVE-2010-1518 | Improper Input Validation vulnerability in Gigabyte Dldrv2 Activex Control 1.4.206.11 Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via the item argument. | 10.0 |
2010-08-02 | CVE-2010-1517 | Improper Input Validation vulnerability in Gigabyte Dldrv2 Activex Control 1.4.206.11 The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2) download arbitrary programs onto a client system via vectors involving the SetDLInfo method in conjunction with the Bdl method. | 10.0 |