CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38168 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38168
13 Aug 2024 — .NET and Visual Studio Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38168 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: -EXPL: 0CVE-2023-31366
https://notcve.org/view.php?id=CVE-2023-31366
13 Aug 2024 — Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31341
https://notcve.org/view.php?id=CVE-2023-31341
13 Aug 2024 — Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service. ... Prof may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-31339
https://notcve.org/view.php?id=CVE-2023-31339
13 Aug 2024 — Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31307
https://notcve.org/view.php?id=CVE-2023-31307
13 Aug 2024 — Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html • CWE-129: Improper Validation of Array Index •
CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-20513
https://notcve.org/view.php?id=CVE-2023-20513
13 Aug 2024 — An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-20510
https://notcve.org/view.php?id=CVE-2023-20510
13 Aug 2024 — An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html •
CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0CVE-2021-46772
https://notcve.org/view.php?id=CVE-2021-46772
13 Aug 2024 — Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service. Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, po... • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.2EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46746
https://notcve.org/view.php?id=CVE-2021-46746
13 Aug 2024 — Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service. Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-bas... • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6619 – Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report
https://notcve.org/view.php?id=CVE-2024-6619
13 Aug 2024 — In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-226-08 • CWE-732: Incorrect Permission Assignment for Critical Resource •