13 matches found
EUVD-2021-13193
Malware in sbrugna...
EUVD-2023-24697
Malicious code in bioql PyPI...
EUVD-2021-33428
Malicious code in bioql PyPI...
CVE-2023-20578
A TOCTOU Time-Of-Check-Time-Of-Use in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution...
CVE-2021-46772
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality...
CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality...
CVE-2021-46772
Summary: CVE-2021-46772 describes insufficient input validation in the ABL that may allow a privileged attacker with BIOS/UEFI access to tamper with SPI ROM headers, causing out-of-bounds reads/writes and memory corruption or DoS. The Connected documents provide concrete mitigation details from A...
CVE-2021-46772
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
CVE-2021-26387
CVE-2021-26387 describes insufficient access controls in the AMD ASP kernel that could allow a privileged attacker with access to AMD signing keys and BIOS/UEFI shell to map DRAM regions into protected areas, risking platform integrity. Public documents indicate this CVE is tracked within AMD sec...