27 matches found
CVE-2024-36355
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...
CVE-2024-36355
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...
CVE-2023-31343
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution...
EUVD-2023-24738
Malicious code in bioql PyPI...
EUVD-2023-35656
Malicious code in bioql PyPI...
EUVD-2023-35654
Malicious code in bioql PyPI...
EUVD-2023-35653
Malicious code in bioql PyPI...
CVE-2023-31342
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution...
CVE-2023-31345
CVE-2023-31345 is an AMD SMM-handling vulnerability in AMD Secure Processor firmware. The issue stems from improper input validation in the SMM handler, which could allow a privileged attacker to overwrite SMRAM and potentially achieve arbitrary code execution. Affected context is AMD client/serv...
CVE-2023-31345
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution...
CVE-2023-31342
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution...
CVE-2023-31343
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution...
CVE-2023-20559
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges...
Design/Logic Flaw
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges...
Design/Logic Flaw
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges...
CVE-2023-20558
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges...
CVE-2023-20558
CVE-2023-20558 involves AMD Secure Processor/SMU SMM code. The root cause is insufficient control flow management in AmdCpmOemSmm, which could allow a privileged attacker to tamper with the SMM handler and escalate privileges. Affected software/hardware: AMD Ryzen 2000 series desktop processors (...
CVE-2023-20559
The CVE-2023-20559 entry concerns AMD Ryzen 2000-series CPUs with a vulnerability in the System Management Mode (SMM) component. Specifically, insufficient control flow management in AmdCpmGpioInitSmm could allow a privileged attacker to tamper with the SMM handler, potentially leading to privile...
CVE-2023-20559
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges...
Memory corruption
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver...