CVE-2023-20588
- EPSS 6.11%
- Veröffentlicht 08.08.2023 18:15:11
- Zuletzt bearbeitet 21.11.2024 07:41:10
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2021-46756
- EPSS 0.12%
- Veröffentlicht 09.05.2023 20:15:12
- Zuletzt bearbeitet 28.01.2025 16:15:31
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service ...
CVE-2023-20520
- EPSS 0.31%
- Veröffentlicht 09.05.2023 19:15:11
- Zuletzt bearbeitet 28.01.2025 16:15:34
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.
CVE-2021-26406
- EPSS 0.15%
- Veröffentlicht 09.05.2023 19:15:10
- Zuletzt bearbeitet 28.01.2025 16:15:30
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.