CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity...

5.2CVSS0.00044EPSS

Exploits0References1

NVD•added 2024/08/13 5:15 p.m.•11 views

CVE-2023-20510

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service...

6CVSS0.00034EPSS

Exploits0References1

OSV•added 2024/08/13 5:15 p.m.•0 views

CVE-2023-20510

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service...

6CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2024/08/13 4:52 p.m.•15 views

CVE-2023-20510

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service...

4.7CVSS6.9AI score0.00034EPSS

Exploits0References1

Cvelist•added 2024/08/13 4:52 p.m.•20 views

CVE-2023-20509

An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity...

5.2CVSS0.00044EPSS

Exploits0References1

CVE•added 2024/08/13 4:52 p.m.•46 views

CVE-2023-20509

CVE-2023-20509 describes an insufficient DRAM address validation in PMFW that could allow a local privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially leading to data integrity loss. Affected component is PMFW (PM firmware); root cause is address validation ...

5.2CVSS6.9AI score0.00044EPSS

Exploits0References1

Positive Technologies•added 2024/08/13 12:0 a.m.•4 views

PT-2024-11947 · Pmfw · Pmfw

Name of the Vulnerable Software and Affected Versions: PMFW affected versions not specified Description: The issue is related to an insufficient DRAM address validation in PMFW, which may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM. This could potentiall...

5.2CVSS6.6AI score0.00044EPSS

Exploits0References6

Tenable Nessus•added 2023/12/07 12:0 a.m.•49 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4665-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4665-1 advisory. - Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds...

9.8CVSS7.2AI score0.0036EPSS

Exploits0References25

OSV•added 2023/11/14 7:15 p.m.•2 views

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit SMU may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service...

7.5CVSS5.8AI score

Exploits0References3

NVD•added 2023/11/14 7:15 p.m.•13 views

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit SMU may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service...

7.5CVSS0.00033EPSS

Exploits0References3

Cvelist•added 2023/11/14 6:52 p.m.•24 views

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit SMU may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service...

6.7CVSS8.7AI score0.00033EPSS

Exploits0References3

Vulnrichment•added 2023/11/14 6:52 p.m.•28 views

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit SMU may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service...

6.7CVSS6.6AI score0.00033EPSS

Exploits0References3

CNNVD•added 2023/11/14 12:0 a.m.•1 views

AMD EPYC Security Vulnerability

AMD EPYC is an x86 architecture server microprocessor product line from AMD, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. The AMD EPYC suffers from a security vulnerability that stems from insufficient validation of the DRAM address in the System Management Unit SMU, whic...

7.5CVSS6.7AI score0.00051EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by