CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

78 matches found

The Hacker News•added 2025/12/19 8:25 a.m.•5 views

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access DMA attacks across architectures that implement a Unified Extensible Firmware Interface UEFI and...

7CVSS6.8AI score0.00077EPSS

Exploits0

RedhatCVE•added 2025/12/18 3:38 a.m.•4 views

CVE-2025-14304

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory...

7CVSS6.8AI score0.00077EPSS

Exploits0References1

NVD•added 2025/12/17 4:15 a.m.•1 views

CVE-2025-14304

7CVSS0.00077EPSS

Exploits0References4

EUVD•added 2025/12/17 3:23 a.m.•1 views

EUVD-2025-203867

7CVSS6.3AI score0.00077EPSS

Exploits0References5

Cvelist•added 2025/12/17 3:23 a.m.•22 views

CVE-2025-14304 ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

7CVSS0.00077EPSS

Exploits0References4

CVE•added 2025/12/17 3:23 a.m.•5 views

CVE-2025-14304

CVE-2025-14304 describes a protection mechanism failure affecting ASRock, ASRock Rack, and ASRock Industrial motherboards (Intel 500/600/700/800 series chipsets) where IOMMU is not properly enabled during early boot. This allows unauthenticated, DMA-capable PCIe devices with physical access to re...

7CVSS6.4AI score0.00077EPSS

Exploits0References4

Vulnrichment•added 2025/12/17 3:23 a.m.•1 views

CVE-2025-14304 ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

7CVSS6.4AI score0.00077EPSS

Exploits0References4

Positive Technologies•added 2025/12/17 12:0 a.m.•3 views

PT-2025-51805

Name of the Vulnerable Software and Affected Versions ASRock, ASRockRack, and ASRockInd motherboards affected versions not specified Description Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd, exhibit a Protection Mechanism Failure. This is due to...

7CVSS6.7AI score0.00077EPSS

Exploits0References11

CNNVD•added 2025/12/17 12:0 a.m.•2 views

ASRock Motherboards 安全漏洞

ASRock Motherboards is a series of motherboards from ASRock Taiwan, China. A security vulnerability exists in ASRock Motherboards, which stems from IOMMU not being properly enabled, which could allow an unauthenticated physical attacker to read or write arbitrary physical memory before the...

7CVSS6.8AI score0.00077EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2018-2780

Malware in sbrugna...

7.2CVSS7AI score0.00139EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-2779

Malware in sbrugna...

7.8CVSS7AI score0.00224EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-6198

Malware in sbrugna...

9.8CVSS9.2AI score0.01179EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-2782

Malware in sbrugna...

7.8CVSS7AI score0.00535EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-2781

Malware in sbrugna...

7.8CVSS7AI score0.00394EPSS

Exploits5References4

RedhatCVE•added 2025/05/22 4:23 p.m.•11 views

CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

5.5CVSS5.3AI score0.03732EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:12 p.m.•4 views

CVE-2020-14032

ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM...

9.8CVSS7.8AI score0.01179EPSS

Exploits1

ThreatPost•added 2022/04/14 3:57 p.m.•67 views

Feds: APTs Have Tools That Can Take Over Critical Infrastructure

Threat actors have built and are ready to deploy tools that can take over a number of widely used industrial control system ICS devices, which spells trouble for critical infrastructure providers—particularly those in the energy sector, federal agencies have warned. In a joint advisory, the...

6.1CVSS6AI score0.03732EPSS

Exploits1References6

VulnCheck KEV•added 2022/04/13 12:0 a.m.•0 views

VulnCheck KEV: CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

5.5CVSS6.2AI score0.03732EPSS

Exploits1References1