CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0CVE-2023-20588 – Speculative Leaks
https://notcve.org/view.php?id=CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Un error de división por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una pérdida de confidencialidad. • http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 294EXPL: 0CVE-2021-26316
https://notcve.org/view.php?id=CVE-2021-26316
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 132EXPL: 0CVE-2020-12965
https://notcve.org/view.php?id=CVE-2020-12965
When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. Cuando se combinan con secuencias de software específicas, las CPUs de AMD pueden ejecutar transitoriamente cargas no canónicas y almacenar usando sólo los 48 bits de dirección inferiores, resultando potencialmente en un filtrado de datos • http://www.openwall.com/lists/oss-security/2023/12/05/3 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •