Lucene search
K

2419 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/15 2:48 a.m.15 views

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 2:16 a.m.44 views

CVE-2026-0438

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS0.00139EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 2:16 a.m.13 views

CVE-2024-36345

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

4.6CVSS0.00108EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 1:42 a.m.9 views

CVE-2024-36345

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

4.6CVSS5.8AI score0.00108EPSS
Exploits0References3
CVE
CVE
added 2026/05/15 1:42 a.m.25 views

CVE-2024-36345

CVE-2024-36345 concerns the AMD OverDrive (AOD) System Management Mode (SMM) module. The issue is described as improper input validation in the AOD SMM, enabling a privileged attacker to perform an out-of-bounds read and potentially cause loss of confidentiality. Affected component: AMD OverDrive...

4.6CVSS5.8AI score0.00108EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 1:42 a.m.43 views

CVE-2024-36345

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

4.6CVSS0.00108EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/15 1:41 a.m.22 views

EUVD-2026-30496

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS6AI score0.00139EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 1:41 a.m.13 views

CVE-2026-0438

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS6AI score0.00139EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/15 1:41 a.m.9 views

CVE-2026-0438

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS6AI score0.00139EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 1:41 a.m.57 views

CVE-2026-0438

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/05/15 1:41 a.m.29 views

CVE-2026-0438

CVE-2026-0438 describes a vulnerability in System Management Mode (SMM) handling on AMD platforms where an SMM handler could call out to code in non-SMM/untrusted memory. An attacker with high privileges, physical access, and active user interaction, under high complexity and given preconditions,...

5.4CVSS6AI score0.00139EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

AMD Radeon 输入验证错误漏洞

AMD Radeon is a set of device driver and utility software developed by American semiconductor company AMD, used for Advanced Micro Devices graphics cards and GPUs. AMD Radeon has a vulnerability related to input validation. This vulnerability arises from improper validation, which may allow...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.16 views

PT-2026-41226

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

4.6CVSS5.8AI score0.00108EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.13 views

PT-2026-41234

A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...

5.4CVSS6AI score0.00139EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

AMD Chipset 安全漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities. These vulnerabilities stem from the ability to execute code within non-SMM trustable memory. This could allow high-privilege attackers to trigger the execution ...

5.4CVSS6.1AI score0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.11 views

PT-2026-41239

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References2
Amazon
Amazon
added 2026/05/14 12:0 a.m.18 views

Low: microcode_ctl

Issue Overview: Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...

3.9CVSS5.8AI score0.00133EPSS
Exploits0
NVD
NVD
added 2026/05/13 4:17 a.m.17 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:3 a.m.9 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/13 3:3 a.m.9 views

EUVD-2025-209812

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder