120856 matches found
CVE-2025-29951
A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...
CVE-2025-48515
CVE-2025-48515 concerns the AMD Secure Processor (ASP) Boot Loader. The provided documents describe insufficient parameter sanitization that could allow an attacker with access to a SPI ROM upgrade to overwrite memory, potentially enabling arbitrary code execution. The PT-2026-7464 entry reiterat...
CVE-2025-48515
Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...
CVE-2026-21349 Lightroom Desktop | Out-of-bounds Write (CWE-787)
Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-36355
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...
CVE-2024-36355
CVE-2024-36355 is an AMD SMM-related vulnerability: improper input validation in the System Management Mode (SMM) handler can enable a Ring0 attacker to write to SMRAM and alter execution flow during S3 wake, potentially allowing arbitrary code execution. Affected context appears in AMD EPYC/embe...
CVE-2026-21352
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21352
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21353
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21347
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21347
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21346
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21342
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21342
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-29950
CVE-2025-29950 describes an improper input validation in AMD’s System Management Mode (SMM) that could allow a privileged local attacker to overwrite stack memory and achieve arbitrary code execution. Public sources in the connected set consistently frame this as an SMM/stack-corruption issue wit...
CVE-2026-2302 Unsafe Reflection in Mongoid::Criteria.from_hash
Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...
Unsafe Reflection in Mongoid::Criteria.from_hash
Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...
CVE-2026-21353 DNG SDK | Integer Overflow or Wraparound (CWE-190)
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21353 DNG SDK | Integer Overflow or Wraparound (CWE-190)
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21353
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...