Lucene search
K

2426 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/10 7:50 p.m.5 views

CVE-2024-36311

A Time-of-check time-of-use TOCTOU race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability...

4.6CVSS5.8AI score0.00121EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 7:50 p.m.6 views

CVE-2024-36311

A Time-of-check time-of-use TOCTOU race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability...

4.6CVSS5.8AI score0.00121EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:28 p.m.28 views

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

7CVSS0.00153EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 7:28 p.m.16 views

CVE-2024-36355

CVE-2024-36355 is an AMD SMM-related vulnerability: improper input validation in the System Management Mode (SMM) handler can enable a Ring0 attacker to write to SMRAM and alter execution flow during S3 wake, potentially allowing arbitrary code execution. Affected context appears in AMD EPYC/embe...

7CVSS6.2AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 7:24 p.m.26 views

CVE-2024-36310

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...

4.6CVSS0.00177EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/10 7:24 p.m.6 views

CVE-2024-36310

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...

4.6CVSS5.7AI score0.00177EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:24 p.m.5 views

CVE-2024-36310

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...

4.6CVSS5.8AI score0.00177EPSS
Exploits0References4
CVE
CVE
added 2026/02/10 7:12 p.m.12 views

CVE-2025-0012

CVE-2025-0012 describes a vulnerability in AMD platforms (notably AMD EPYC/EPYC Embedded) where improper handling of overlap between the segmented reverse map table (RMP) and System Management Mode (SMM) memory could allow a privileged attacker to corrupt or partially infer SMM memory, leading to...

6.8CVSS5.5AI score0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:12 p.m.5 views

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

6.8CVSS5.5AI score0.00136EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 7:12 p.m.6 views

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

6.8CVSS5.5AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:12 p.m.36 views

CVE-2025-0012

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

6.8CVSS0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:10 p.m.29 views

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

7.1CVSS0.00145EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 7:10 p.m.6 views

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

7.1CVSS6AI score0.00145EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:10 p.m.4 views

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

7.1CVSS6AI score0.00145EPSS
Exploits0References3
CVE
CVE
added 2026/02/10 7:10 p.m.9 views

CVE-2025-29950

CVE-2025-29950 describes an improper input validation in AMD’s System Management Mode (SMM) that could allow a privileged local attacker to overwrite stack memory and achieve arbitrary code execution. Public sources in the connected set consistently frame this as an SMM/stack-corruption issue wit...

7.1CVSS6AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 5:16 p.m.2 views

DEBIAN-CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

1.8CVSS5.1AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 5:16 p.m.10 views

UBUNTU-CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

3.9CVSS5.7AI score0.00133EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/10 4:25 p.m.27 views

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

3.9CVSS0.00133EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/02/10 4:25 p.m.7 views

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

3.9CVSS5AI score0.00133EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7443

Improper handling of overlap between the segmented reverse map table RMP and system management mode SMM memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality...

6.8CVSS5.5AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder