CVE-2015-2890
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-2890
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging console access, a similar issue to CVE-2015-3692.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Dell设备安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dell Latitude等都是美国戴尔(Dell)公司的产品。Dell Latitude和OptiPlex都是笔记本产品型号;Precision Mobile Workstation是一个精密移动工作站;Precision Workstation CS是一套移动工作站客户端;BIOS(Basic Input-Output System,基本输出输入系统)是一组固化到计算机主板上的ROM芯片上的程序,它保存着计算机最重要的基本输入输出的程序、系统设置信息、开机后自检程序和系统自启动程序。 多款Dell设备
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-2890
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-2890
请登录查看更多情报信息。
- http://www.kb.cert.org/vuls/id/BLUU-9XXQ9Lx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2015-2890
Same Patch Batch · n/a · 2015-08-01 · 18 CVEs total
| CVE-2015-1904 | IBM Business Process Manager 权限许可和访问控制漏洞 | |
| CVE-2015-5618 | Chiyu BF-630和BF-630W fingerprint access-control设备权限许可和访问控制漏洞 | |
| CVE-2015-4295 | Cisco Unified Communications Manager Prime Collaboration Deployment组件信息泄露漏洞 | |
| CVE-2015-4294 | Cisco IM and Presence Service 跨站脚本漏洞 | |
| CVE-2015-4292 | Cisco Prime Central for Hosted Collaboration Solution 跨站脚本漏洞 | |
| CVE-2015-4291 | Cisco ASR 1000 IOS XE 资源管理错误漏洞 | |
| CVE-2015-4289 | Cisco AnyConnect Secure Mobility Client 目录遍历漏洞 | |
| CVE-2015-2871 | Chiyu BF-660C fingerprint access-control设备权限许可和访问控制漏洞 | |
| CVE-2015-2870 | 多款Chiyu产品跨站脚本漏洞 | |
| CVE-2015-1009 | Schneider Electric InduSoft Web Studio和Wonderware InTouch Machine Edition 信息泄露漏洞 | |
| CVE-2015-1492 | Symantec Endpoint Protection Manager 输入验证漏洞 | |
| CVE-2015-1491 | Symantec Endpoint Protection Manager SQL注入漏洞 | |
| CVE-2015-1490 | Symantec Endpoint Protection Manager 目录遍历漏洞 | |
| CVE-2015-1489 | Symantec Endpoint Protection Manager 权限许可和访问控制漏洞 | |
| CVE-2015-1488 | Symantec Endpoint Protection Manager 信息泄露漏洞 | |
| CVE-2015-1487 | Symantec Endpoint Protection Manager 输入验证漏洞 | |
| CVE-2015-1486 | Symantec Endpoint Protection Manager 授权问题漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6638
PostgreSQL REFRESH PUBLICATION allows SQL injection via tabl - CVE-2026-6575
PostgreSQL pg_restore_attribute_stats accepts values that ca - CVE-2026-6637
PostgreSQL refint allows stack buffer overflow and SQL injec - CVE-2026-6479
PostgreSQL SSL/GSS init causes denial of service, via uncont - CVE-2026-6478
PostgreSQL discloses MD5-hashed passwords via covert timing
V. Comments for CVE-2015-2890
No comments yet