62156 matches found
CVE-2026-8511
An use after free flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495108488...
CVE-2025-48516
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...
CVE-2025-0040
Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...
CVE-2022-23826
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
CVE-2025-54517
Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...
CVE-2025-48516
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...
CVE-2025-48516
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...
CVE-2025-48516
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...
CVE-2025-48516
CVE-2025-48516 : The AMD AMD/AGESA Bootloader Firmware DDR5 memory module has an insecure default configuration state that enables an attacker with local privileges to abuse an unprotected PMIC interface, potentially causing a permanent denial of service or affecting memory integrity. The descrip...
EUVD-2025-209875
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...
[SECURITY] Fedora 44 Update: rust-rpm-sequoia-1.10.2-2.fc44
An implementation of the RPM PGP interface using Sequoia...
[SECURITY] Fedora 44 Update: rust-sequoia-chameleon-gnupg-0.13.1-12.fc44
Sequoia's reimplementation of the GnuPG interface...
CVE-2022-23826
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
CVE-2022-23826
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
CVE-2022-23826
CVE-2022-23826 describes a TOCTOU in the AMD graphics interface that could allow a local attacker with HIGH privileges and no user interaction to repeatedly load registers, creating a race condition and potentially compromising integrity. The CVE is listed with a low base score (CVSS v4.0: 1.8) a...
CVE-2022-23826
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
EUVD-2022-28755
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
CVE-2026-2652 Authentication Bypass in mlflow/mlflow
A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authentication on /gateway/...
CVE-2025-0040
Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...
CVE-2025-0040
CVE-2025-0040 describes an improper access control between JTAG and AXI that could let an attacker with physical access read or overwrite cross-chip debug (XCD) registers, potentially affecting data integrity and confidentiality. The vulnerability affects the AMD ecosystem context referenced in A...