15 matches found
TDXRay: Microarchitectural Side-Channel Analysis of Intel TDX for Real-World Workloads
Affected Products AMD EPYC™ Series Processors AMD EPYC™ 7003 Series Processors AMD EPYC™ 8004 Series Processors AMD EPYC™ 9004 Series Processors AMD EPYC™ 9005 Series Processors AMD EPYC™ Embedded Series Processors AMD EPYC™ Embedded 7003 AMD EPYC™ Embedded 8004 AMD EPYC™ Embedded 9004 AMD EPYC™...
HPESBHF05023 rev.1 - Certain HPE SimpliVity Servers Using Certain AMD EPYC Processors, AMD-SB-7059: Guest Initiated Machine Check Errors, Denial of Service Vulnerability
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen11 - Prior to SimpliVity Support Pack SVTSP Gen11 v20260116 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2023-31364 |...
HPESBHF04798 rev.1 - Certain HPE SimpliVity Servers using AMD 3rd Generation and 4th Generation EPYC Processors, AMD-SB-3015, Undermining Integrity Features of SEV-SNP with Memory Aliasing (BadRAM)
Potential Security Impact: Local: Compromise of System Integrity SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen10 Plus - Prior to HPE SimpliVity Gen10 Support Pack SVTSPGen10 v2025-0630 HPE SimpliVity 325 Gen11 - Prior to HPE SimpliVity Gen11 Support Pack...
Security Bulletin: IBM Security Guardium is affected by multiple OS level vulnerabilities
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID:CVE-2022-1941 DESCRIPTION: protobuf is vulnerable to a denial of service, caused by a parsing vulnerability for the MessageSet type in the ProtocolBuffers. By sending a specially crafted message with multiple...
HPESBCR04827 rev.1 - Certain HPE Cray Servers Using Certain AMD EPYC Processors, AMD-SB-7027: AMD System Management Mode (SMM) Vulnerabilities, Local Arbitrary Code Execution Vulnerability
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cray EX235a Accelerator Blade - Prior to v2.1.0 HFP 25.1.2 HPE Cray EX235n Server - Prior to v1.5.1 HFP 24.10.1 HPE Cray EX255a Accelerator Blade - Prior to v1.4.0 HFP...
CVE-2024-36347
A flaw was found in AMD processors. This flaw allows an attacker with system administration privileges to exploit an issue in the signature verification in the AMD CPU ROM microcode patch loader, allowing the load of malicious microcode. This issue could impact the integrity of x86 instruction...
HPESBCR04666 rev.1 - Certain HPE Cray Servers Using Certain AMD EPYC Processors, AMD-SB-7009: AMD Processor Security Notice, Local Arbitrary Code Execution Vulnerability
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cray EX235a Accelerator Blade prior to BIOS 1.8.0 in HFP 24.3.1 HPE Cray EX235n Server prior to BIOS 1.3.1 in HFP 23.9 HPE Cray EX425 Compute Blade prior to BIOS 1.7.2 in...
HPESBCR04657 rev.1 - Certain HPE ProLiant DL/XL Servers and HPE Cray Supercomputer Using Certain AMD EPYC Processors, Multiple Vulnerabilities
Potential Security Impact: Local: Arbitrary Code Execution, Code Execution, Denial of Service DoS, Elevated Privileges, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL325 Gen10 Plus server - Prior to 2.84 HFP 23.9 HPE ProLiant DL385 Gen10 Plus serve...
SEV-SNP Firmware Vulnerabilities
Bulletin ID: AMD-SB-3007 Potential Impact: Data leakage CVE-2023-31346 and loss of integrity CVE-2023-31347 Severity: Refer to the CVE Details section Summary This bulletin addresses two SEV firmware vulnerabilities reported by an external researcher. Refer to the CVE Details section below. CVE...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Additionally, a cross site scripting issue was found. These have been addressed in the update. Vulnerability Details CVEID:CVE-2020-22218 DESCRIPTION: libssh...
PT-2023-17472 · Amd · 3Rd Gen Amd Epyc™ Processors +99
Name of the Vulnerable Software and Affected Versions: Insufficient information is provided to determine the specific software and versions affected. Description: The issue involves improper initialization of variables in the DXE driver, potentially allowing a privileged user to leak sensitive...
FreeBSD : wolfssl -- multiple issues (9b9a5f6e-1755-11ed-adef-589cfc01894a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9b9a5f6e-1755-11ed-adef-589cfc01894a advisory. - AMD EPYC Processors contain an information disclosure vulnerability in the Secure Encrypted...
CVE-2020-12966
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...
AMD Secure Encryption Virtualization (SEV) Information Disclosure
Bulletin ID: AMD-SB-1013 Potential Impact: Information Disclosure Severity: Medium Summary AMD received notification of a potential security vulnerability from a team of researchers led by Professor Yinqian Zhang from Southern University of Science and Technology SUSTech. A paper titled...
TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)
Bulletin ID: AMD-SB-1023 Potential Impact: Loss of Integrity, Confidentiality and Availability Summary A malicious hypervisor HV along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buff...