CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: An out-of-bounds read issue exists in the ASP bootloader. A privileged attacker with access to a malicious bootloader could potentially read sensitive memory, leading to a loss of...

2.5CVSS5.9AI score0.00019EPSS

Exploits0References7

Redos•added 2024/12/09 12:0 a.m.•13 views

ROS-20241209-01

A vulnerability in AMD EPYC™ AGESA™ PI packages is related to incorrect input and range validation in the header of an AMD Secure Processor ASP bootloader image. of the AMD Secure Processor ASP bootloader image. Exploitation of the vulnerability could allow an attacker to, use attacker-controlled...

9.9CVSS7.5AI score0.00508EPSS

Exploits0

Tenable Nessus•added 2023/12/07 12:0 a.m.•41 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4654-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4654-1 advisory. - Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds...

9.8CVSS7.2AI score0.0036EPSS

Exploits0References25

Tenable Nessus•added 2023/12/07 12:0 a.m.•49 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4665-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4665-1 advisory. - Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds...

9.8CVSS7.2AI score0.0036EPSS

Exploits0References25

SUSE CVE•added 2023/11/16 1:58 a.m.•1 views

SUSE CVE-2021-46766

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality...

2.5CVSS5.4AI score0.00033EPSS

Exploits0References9

SUSE CVE•added 2023/11/16 1:55 a.m.•2 views

SUSE CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality...

1.9CVSS5.2AI score0.0006EPSS

Exploits0References9

NVD•added 2023/11/14 7:15 p.m.•20 views

CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality...

4.6CVSS0.0006EPSS

Exploits0References3

NVD•added 2023/11/14 7:15 p.m.•25 views

CVE-2023-20521

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service...

5.7CVSS0.00056EPSS

Exploits0References3

NVD•added 2023/11/14 7:15 p.m.•16 views

CVE-2021-46766

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality...

5.5CVSS0.00033EPSS

Exploits0References3

OSV•added 2023/11/14 7:15 p.m.•0 views

CVE-2021-46766

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality...

5.5CVSS5.8AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by