CVE-2023-20594
- EPSS 0.05%
- Veröffentlicht 20.09.2023 18:15:12
- Zuletzt bearbeitet 27.06.2025 22:15:23
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20597
- EPSS 0.08%
- Veröffentlicht 20.09.2023 18:15:12
- Zuletzt bearbeitet 27.06.2025 22:15:25
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2021-46765
- EPSS 0.12%
- Veröffentlicht 09.05.2023 20:15:12
- Zuletzt bearbeitet 27.01.2025 18:15:29
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.
CVE-2021-46773
- EPSS 0.16%
- Veröffentlicht 09.05.2023 20:15:12
- Zuletzt bearbeitet 28.01.2025 16:15:32
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
CVE-2021-46753
- EPSS 0.18%
- Veröffentlicht 09.05.2023 19:15:11
- Zuletzt bearbeitet 28.01.2025 16:15:31
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of ...