Lucene search
K

204 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/11 2:33 p.m.4 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.3AI score0.0014EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 2:33 p.m.4 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.3AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

AMD Secure Processor 安全漏洞

The AMD Secure Processor is an independent ARM Coretex-A5 chip developed by the American semiconductor company AMD. The AMD Secure Processor has a security vulnerability that stems from improper parameter handling, which may allow for the execution of arbitrary code...

8.7CVSS6AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 8:16 p.m.4 views

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

4.8CVSS0.00134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 7:50 p.m.6 views

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

7.3CVSS6.3AI score0.00137EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:50 p.m.4 views

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

7.3CVSS6.3AI score0.00137EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 7:50 p.m.27 views

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

7.3CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 7:49 p.m.5 views

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...

5.4CVSS6AI score0.00126EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 7:49 p.m.25 views

CVE-2025-48515

CVE-2025-48515 concerns the AMD Secure Processor (ASP) Boot Loader. The provided documents describe insufficient parameter sanitization that could allow an attacker with access to a SPI ROM upgrade to overwrite memory, potentially enabling arbitrary code execution. The PT-2026-7464 entry reiterat...

5.4CVSS6AI score0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:49 p.m.25 views

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...

5.4CVSS0.00126EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:48 p.m.5 views

CVE-2021-26410

Improper syscall input validation in ASP AMD Secure Processor may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure...

1.8CVSS5.5AI score0.00146EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/10 7:48 p.m.4 views

CVE-2021-26410

Improper syscall input validation in ASP AMD Secure Processor may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure...

1.8CVSS5.5AI score0.00146EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 7:48 p.m.31 views

CVE-2021-26410

The CVE-2021-26410 entry concerns an improper syscall input validation in the AMD Secure Processor (ASP) that may force the kernel to read syscall parameter values from its own memory space, enabling an attacker to infer contents of kernel memory and potentially disclose information. Connected so...

1.8CVSS5.5AI score0.00146EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 7:46 p.m.13 views

CVE-2025-29949

CVE-2025-29949 is an AMD ASP Boot Loader issue limited to legacy recovery mode. The connected documents confirm insufficient input parameter sanitization in the ASP Boot Loader, which could allow an out-of-bounds write that corrupts Secure DRAM and may cause a denial of service. Affected software...

4.8CVSS5.5AI score0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:7 p.m.31 views

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

5.9CVSS0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7462

Name of the Vulnerable Software and Affected Versions AMD Secure Processor ASP Boot Loader affected versions not specified Description A flaw exists in the AMD Secure Processor ASP Boot Loader, specifically within its legacy recovery mode. This issue involves inadequate sanitization of input...

4.8CVSS5.5AI score0.00134EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/10/29 1:1 a.m.8 views

KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid

...

5.5CVSS7AI score0.00197EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/10/28 7:16 p.m.6 views

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment TEE in a computer's main processor, including Intel's Software Guard eXtension...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-13166

Malware in sbrugna...

7.8CVSS6.7AI score0.00213EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-13141

Malware in sbrugna...

7.8CVSS6.1AI score0.00286EPSS
Exploits0References3
Rows per page
Query Builder