CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

609 matches found

RedhatCVE•added 2026/02/13 1:22 p.m.•2 views

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

7CVSS6.1AI score0.00007EPSS

Exploits0References1

NVD•added 2026/02/10 8:16 p.m.•3 views

CVE-2024-36310

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...

4.6CVSS0.00006EPSS

Exploits0References3

CVE•added 2026/02/10 7:28 p.m.•6 views

CVE-2024-36355

CVE-2024-36355 is an AMD SMM-related vulnerability: improper input validation in the System Management Mode (SMM) handler can enable a Ring0 attacker to write to SMRAM and alter execution flow during S3 wake, potentially allowing arbitrary code execution. Affected context appears in AMD EPYC/embe...

7CVSS6.2AI score0.00007EPSS

Exploits0References2

Vulnrichment•added 2026/02/10 7:28 p.m.•1 views

CVE-2024-36355

7CVSS6.2AI score0.00007EPSS

Exploits0References2

Cvelist•added 2026/02/10 7:24 p.m.•21 views

CVE-2024-36310

4.6CVSS0.00006EPSS

Exploits0References3

CVE•added 2026/02/10 7:24 p.m.•5 views

CVE-2024-36310

CVE-2024-36310 affects AMD processors via the System Management Mode (SMM) communications buffer. The vulnerability stems from improper input validation, enabling a privileged attacker to perform an out-of-bounds read or write to SMRAM, with potential loss of confidentiality or integrity. Public ...

4.6CVSS5.8AI score0.00006EPSS

Exploits0References3

CNNVD•added 2026/02/10 12:0 a.m.•2 views

AMD多款产品安全漏洞

Both the AMD Ryzen and AMD EPYC are products of American semiconductor company AMD. The AMD Ryzen is a central processing unit CPU. The AMD EPYC is a high-performance server processor. Several AMD products have security vulnerabilities. These vulnerabilities stem from improper input validation,...

7CVSS6.2AI score0.00007EPSS

Exploits0References3

Positive Technologies•added 2026/02/10 12:0 a.m.•2 views

PT-2026-7442

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A flaw exists in the System Management Mode SMM handler due to improper input validation. This could allow an attacker with Ring0 access to write to System Management RAM SMRAM and alter the execution flow...

7CVSS6AI score0.00007EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 11:26 a.m.•6 views

CVE-2021-33627

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...

8.2CVSS7.1AI score0.00103EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:53 a.m.•4 views

CVE-2022-33984

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corrupti...

7CVSS6.9AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:53 a.m.•1 views

CVE-2022-33909

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...

7CVSS6.9AI score0.00038EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:52 a.m.•4 views

CVE-2022-33905

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through...

7CVSS6.9AI score0.00038EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:48 a.m.•3 views

CVE-2022-31243

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handl...

6.4CVSS7AI score0.00051EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:40 a.m.•4 views

CVE-2022-35896

An issue SMM memory leak vulnerability in SMM driver SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to information disclosure...

6CVSS6.3AI score0.00091EPSS

Exploits1References1