NotCVE - vendor:"Amd" product:"Epyc 7002"

Page 2 of 39 results (0.004 seconds)

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-20587

https://notcve.org/view.php?id=CVE-2023-20587

Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution. Un control de acceso inadecuado en el modo de administración del sistema (SMM) puede permitir que un atacante acceda a la memoria flash SPI, lo que podría provocar la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009 •

CVSS: 5.5EPSS: 0%CPEs: 256EXPL: 0

CVE-2021-26371

https://notcve.org/view.php?id=CVE-2021-26371

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 •

CVSS: 7.4EPSS: 0%CPEs: 196EXPL: 0

CVE-2021-26356

https://notcve.org/view.php?id=CVE-2021-26356

A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 5.5EPSS: 0%CPEs: 304EXPL: 0

CVE-2021-26354

https://notcve.org/view.php?id=CVE-2021-26354

Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.3EPSS: 0%CPEs: 100EXPL: 0

CVE-2023-20532

https://notcve.org/view.php?id=CVE-2023-20532

Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. Una validación de entrada insuficiente en la SMU puede permitir que un atacante bloquee recursos incorrectamente, lo que podría provocar una denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •

1 2 3 4 5