Export limit exceeded: 339531 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76357 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12946 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-11-21 | 7.1 High |
| Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service. | ||||
| CVE-2020-12944 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-11-21 | 7.8 High |
| Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution. | ||||
| CVE-2020-12931 | 1 Amd | 215 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 212 more | 2024-11-21 | 7.8 High |
| Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. | ||||
| CVE-2020-12930 | 1 Amd | 219 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 216 more | 2024-11-21 | 7.8 High |
| Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. | ||||
| CVE-2020-12929 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution . | ||||
| CVE-2020-12928 | 1 Amd | 1 Ryzen Master | 2024-11-21 | 7.8 High |
| A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system. | ||||
| CVE-2020-12927 | 1 Amd | 1 Vbios Flash Tool Software Development Kit | 2024-11-21 | 7.8 High |
| A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system. | ||||
| CVE-2020-12903 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12902 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12900 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service. | ||||
| CVE-2020-12899 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.1 High |
| Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service. | ||||
| CVE-2020-12898 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12895 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service. | ||||
| CVE-2020-12894 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.1 High |
| Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service. | ||||
| CVE-2020-12893 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service. | ||||
| CVE-2020-12892 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.8 High |
| An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution. | ||||
| CVE-2020-12891 | 1 Amd | 2 Radeon Pro Software, Radeon Software | 2024-11-21 | 7.8 High |
| AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable. | ||||
| CVE-2020-12887 | 1 Arm | 2 Mbed-coap, Mbed Os | 2024-11-21 | 7.5 High |
| Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options present in the input packet. Each option number is calculated as a sum of the previous option number and a delta of the current option. The delta and the previous option number are expressed as unsigned 16-bit integers. Due to lack of overflow detection, it is possible to craft a packet that wraps the option number around and results in the same option number being processed again in a single packet. Certain options allocate memory by calling a memory allocation function. In the cases of COAP_OPTION_URI_QUERY, COAP_OPTION_URI_PATH, COAP_OPTION_LOCATION_QUERY, and COAP_OPTION_ETAG, there is no check on whether memory has already been allocated, which in conjunction with the option number integer overflow may lead to multiple assignments of allocated memory to a single pointer. This has been demonstrated to lead to memory leak by buffer orphaning. As a result, the memory is never freed. | ||||
| CVE-2020-12885 | 1 Arm | 1 Mbed Os | 2024-11-21 | 7.5 High |
| An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options in a while loop. This loop's exit condition is computed using the previously allocated heap memory required for storing the result of parsing multiple options. If the input heap memory calculation results in zero bytes, the loop exit condition is never met and the loop is not terminated. As a result, the packet parsing function never exits, leading to resource consumption. | ||||
| CVE-2020-12878 | 1 Digi | 2 Connectport X2e, Connectport X2e Firmware | 2024-11-21 | 7.8 High |
| Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory. | ||||