6425 matches found
CVE-2025-0012
CVE-2025-0012 describes a vulnerability in AMD platforms (notably AMD EPYC/EPYC Embedded) where improper handling of overlap between the segmented reverse map table (RMP) and System Management Mode (SMM) memory could allow a privileged attacker to corrupt or partially infer SMM memory, leading to...
CVE-2025-0012
Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...
CVE-2025-0012
Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...
CVE-2025-0012
Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...
CVE-2025-29939
CVE-2025-29939 concerns AMD SEV with SNP, where improper access control during SNP initialization could let a privileged attacker write to the reverse map page (RMP), risking loss of guest memory confidentiality and integrity. Affected: AMD Secure Encrypted Virtualization (SEV) in AMD EPYC platfo...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2026-2191
A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...
AMD EPYC 安全漏洞
The AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. There are security vulnerabilities in the AMD EPYC™ 9005 Series Processors and the AMD EPYC™ Embedded 9005 Series Processors. These vulnerabilities stem from improper handling of the segmentation...
PT-2026-7446
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – February 2026
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality ...
PT-2026-7443
Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...
CVE-2026-25881
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.31, a sandbox escape vulnerability allows sandboxed code to mutate host built-in prototypes by laundering the isGlobal protection flag through array literal intermediaries. When a global prototype reference e.g., Map.prototype,...
CVE-2026-2245
CCExtractor up to v183 contains a vulnerability in the MPEG-TS File Parser (src/lib_ccx/ts_tables.c: parse_PAT/parse_PMT) that can trigger an out-of-bounds read. This is a local (AV:L) issue with low confidentiality/integrity impact and partial availability impact, as per CVSS metrics; exploitati...
CVE-2026-2245 CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds
A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...
CVE-2026-2191
A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...
CVE-2026-2191 Tenda AC9 formGetDdosDefenceList stack-based overflow
A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...
CVE-2026-2191 Tenda AC9 formGetDdosDefenceList stack-based overflow
A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...
CVE-2026-2191
CVE-2026-2191 affects Tenda AC9 15.03.06.42_multi. The flaw is in the function formGetDdosDefenceList where manipulating the argument security.ddos.map leads to a stack-based buffer overflow. The issue is exploitable remotely and an exploit has been publicly released. Additional sources corrobora...