News & Sicurezza

CVE ID : CVE-2025-29950 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-48509 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity Severity: 1.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29946 Published : Feb. 10, 2026, 8:16 p.m. | 2 hours, 6 minutes ago Description : Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29952 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29939 Published : Feb. 10, 2026, 8:16 p.m. | 2 hours, 6 minutes ago Description : Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1763 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 6 minutes ago Description : Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2026-1762 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 6 minutes ago Description : A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions. Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-29951 Published : Feb. 10, 2026, 8:16 p.m. | 4 hours, 6 minutes ago Description : A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2024-36311 Published : Feb. 10, 2026, 7:50 p.m. | 32 minutes ago Description : A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2025-48515 Published : Feb. 10, 2026, 8:16 p.m. | 8 hours, 7 minutes ago Description : Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2021-26410 Published : Feb. 10, 2026, 7:48 p.m. | 34 minutes ago Description : Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. Severity: 1.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID : CVE-2021-26381 Published : Feb. 10, 2026, 7:47 p.m. | 35 minutes ago Description : Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...