CVSS: 10.0EPSS: 0%CPEs: 305EXPL: 0CVE-2023-39281
https://notcve.org/view.php?id=CVE-2023-39281
01 Nov 2023 — A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. Una vulnerabilidad de desbordamiento del búfer de pila descubierta en AsfSecureBootDxe en Insyde InsydeH2O con kernel 5.0 a 5.5 permite a los atacantes ejecutar código arbitrario durante la fase DXE. • https://www.insyde.com/security-pledge • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.7EPSS: 0%CPEs: 340EXPL: 0CVE-2022-27672 – kernel: AMD: Cross-Thread Return Address Predictions
https://notcve.org/view.php?id=CVE-2022-27672
14 Feb 2023 — When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. A flaw was found in HW. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch, potentially resulting in information disclosure. When SMT is enabled, certain AMD processors may speculatively execute instructions using a targ... • https://security.gentoo.org/glsa/202402-07 •