2419 matches found
CVE-2023-31309
Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...
CVE-2026-0438
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
CVE-2024-36345
Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...
CVE-2024-36345
Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...
CVE-2024-36345
CVE-2024-36345 concerns the AMD OverDrive (AOD) System Management Mode (SMM) module. The issue is described as improper input validation in the AOD SMM, enabling a privileged attacker to perform an out-of-bounds read and potentially cause loss of confidentiality. Affected component: AMD OverDrive...
CVE-2024-36345
Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...
EUVD-2026-30496
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
CVE-2026-0438
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
CVE-2026-0438
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
CVE-2026-0438
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
CVE-2026-0438
CVE-2026-0438 describes a vulnerability in System Management Mode (SMM) handling on AMD platforms where an SMM handler could call out to code in non-SMM/untrusted memory. An attacker with high privileges, physical access, and active user interaction, under high complexity and given preconditions,...
AMD Radeon 输入验证错误漏洞
AMD Radeon is a set of device driver and utility software developed by American semiconductor company AMD, used for Advanced Micro Devices graphics cards and GPUs. AMD Radeon has a vulnerability related to input validation. This vulnerability arises from improper validation, which may allow...
PT-2026-41226
Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...
PT-2026-41234
A System Management Mode SMM handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially...
AMD Chipset 安全漏洞
The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities. These vulnerabilities stem from the ability to execute code within non-SMM trustable memory. This could allow high-privilege attackers to trigger the execution ...
PT-2026-41239
Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...
Low: microcode_ctl
Issue Overview: Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...
CVE-2025-61972
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...
CVE-2025-61972
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...
EUVD-2025-209812
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...