VYPR
← All vendors
Vendor

Phoenix

Products
7
CVEs
11
Across products
14
Status
Private

Products

7

Recent CVEs

11
  • CVE-2017-9457MedJul 25, 2017
    Phoenix
    SecureCore
    risk 0.44cvss 6.7epss 0.00

    Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.

  • CVE-2025-40727MedJun 16, 2025
    Phoenix
    Phoenix Site CMS
    risk 0.33cvss epss 0.03

    A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via 's' GET parameter.

  • CVE-2024-12533May 13, 2025
    Phoenix
    SecureCore Technology 4
    risk 0.00cvss epss 0.00

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.This issue affects SecureCore Technology 4: from 4.0.1.0 before 4.0.1.1018, from 4.1.0.1 before 4.1.0.573, from 4.2.0.1 before 4.2.0.338, from…

  • CVE-2024-29980Jan 14, 2025
    Phoenix
    SecureCore
    risk 0.00cvss epss 0.00

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Manipulation.This…

  • CVE-2024-29979Jan 14, 2025
    Phoenix
    SecureCore
    risk 0.00cvss epss 0.00

    Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Manipulation.This…

  • CVE-2024-1598May 14, 2024
    Phoenix
    Securecore™ For Intel Meteor Lake
    risk 0.00cvss epss 0.00

    Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567.

  • CVE-2024-0762May 14, 2024
    Phoenix
    SecureCore
    risk 0.00cvss epss 0.00

    Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1…

  • CVE-2023-35841May 14, 2024
    Phoenix
    WinFlash Driver
    risk 0.00cvss epss 0.00

    Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.

  • CVE-2023-5058Dec 7, 2023
    Phoenix
    SecureCore Technology 4
    risk 0.00cvss epss 0.00

    Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.

  • CVE-2023-31100Nov 14, 2023
    Phoenix
    SecureCore Technology 4
    risk 0.00cvss epss 0.00

    Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before…

  • CVE-2019-18279Nov 13, 2019
    Phoenix
    SCT WinFlash
    risk 0.00cvss epss 0.01

    In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed…