Lucene search
K

30 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, reappears in the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influence mispredict...

5.5CVSS6.6AI score0.00264EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/17 10:2 a.m.5 views

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

9.8CVSS7.1AI score0.00314EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 6:31 p.m.3 views

EUVD-2025-203817

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...

6.6AI score0.00314EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/16 6:31 p.m.6 views

EUVD-2025-203818

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

6.6AI score0.00314EPSS
Exploits0References3
OSV
OSV
added 2025/12/16 6:16 p.m.4 views

CVE-2025-62864

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2025/12/16 6:16 p.m.2 views

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
NVD
NVD
added 2025/12/16 6:16 p.m.5 views

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

9.8CVSS0.00314EPSS
Exploits0References2
OSV
OSV
added 2025/12/16 5:16 p.m.2 views

CVE-2025-62862

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

4.6CVSS5.8AI score0.00105EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51756

Name of the Vulnerable Software and Affected Versions AmpereOne AC03 versions prior to 3.5.9.3 AmpereOne AC04 versions prior to 4.4.5.2 AmpereOne M versions prior to 5.4.5.1 Description The software contains a flaw where an incorrectly formed System Management Call SMC to the UEFI-MM MMCommunicat...

9.8CVSS6.7AI score0.00314EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

Ampere Computing多款产品 安全漏洞

Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere Computing products, which stems from an SMC call format error that could result in an out-of-bounds write to the PCIe driver S-EL0 address space. The...

9.8CVSS6.8AI score0.00314EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

Ampere多款产品 安全漏洞

Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere products, which stems from an SMC call format error that could result in an out-of-bounds write to the UEFI-MM secure partitioning environment. The followi...

9.8CVSS6.9AI score0.00314EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/16 12:0 a.m.3 views

CVE-2025-62862

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

6.4AI score0.00105EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/16 12:0 a.m.28 views

CVE-2025-62862

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

0.00105EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 12:0 a.m.10 views

CVE-2025-62863

CVE-2025-62863 concerns AmpereOne processors (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1). The issue arises from an incorrectly formed System Management Call (SMC) to the UEFI-MM PCIe driver, which could enable an out-of-bounds write in the PCIe driver’s S-EL0 address space. Repor...

9.8CVSS6.7AI score0.00314EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/16 12:0 a.m.29 views

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

0.00314EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 12:0 a.m.17 views

CVE-2025-62864

AmpereOne hardware (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1) is affected by CVE-2025-62864 due to an incorrectly formed SMC call to the UEFI-MM MMCommunicate service, which could cause an out-of-bounds write within the UEFI-MM Secure Partition context. Red Hat and NVD entries a...

9.8CVSS6.7AI score0.00314EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/12/16 12:0 a.m.9 views

CVE-2025-62862

CVE-2025-62862 concerns AmpereOne AC03 (before 3.5.9.3), AC04 (before 4.4.5.2), and M (before 5.4.5.1). The root cause is an incorrectly formed SMC call to the UEFI-MM Boot Error Record Table driver, enabling (1) out-of-bounds reads that may leak Secure-EL0 information to Non-Secure state, or (2)...

4.6CVSS6.4AI score0.00105EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43699

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00264EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/05/29 8:25 a.m.52 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.5AI score0.00264EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/05/31 11:21 p.m.4 views

SUSE CVE-2023-3006

A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influenc...

4.8CVSS6.6AI score0.00264EPSS
Exploits0References16
Rows per page
Query Builder