News & Sicurezza

CVE ID : CVE-2025-48517 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 7 minutes ago Description : Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-48509 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity Severity: 1.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29946 Published : Feb. 10, 2026, 8:16 p.m. | 2 hours, 6 minutes ago Description : Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29952 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29950 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29948 Published : Feb. 10, 2026, 8:16 p.m. | 2 hours, 6 minutes ago Description : Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29939 Published : Feb. 10, 2026, 8:16 p.m. | 2 hours, 6 minutes ago Description : Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1763 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 6 minutes ago Description : Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1762 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 6 minutes ago Description : A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions. Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29951 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2024-36311 Published : Feb. 10, 2026, 7:50 p.m. | 32 minutes ago Description : A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-48515 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 7 minutes ago Description : Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...