CVE-2023-20594
- EPSS 0.05%
- Published 20.09.2023 18:15:12
- Last modified 27.06.2025 22:15:23
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20597
- EPSS 0.08%
- Published 20.09.2023 18:15:12
- Last modified 27.06.2025 22:15:25
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20555
- EPSS 0.05%
- Published 08.08.2023 18:15:11
- Last modified 21.11.2024 07:41:06
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
CVE-2023-20569
- EPSS 0.63%
- Published 08.08.2023 18:15:11
- Last modified 21.11.2024 07:41:08
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. ...
CVE-2023-20589
- EPSS 0.08%
- Published 08.08.2023 18:15:11
- Last modified 21.11.2024 07:41:10
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. ...