CVE-2023-20508

MEDIUM Year: 2023
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-1284
View all →

Vulnerability Description

Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.

Related Vulnerabilities

CVE-2023-31310

MEDIUM
CVSS:5.0(Medium)

Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting i...

CWE-12842023

CVE-2021-26347

MEDIUM
CVSS:4.7(Medium)

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential ...

CWE-12842021

CVE-2022-37311

MEDIUM
CVSS:5.3(Medium)

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet.

CWE-12842022

CVE-2022-37312

MEDIUM
CVSS:5.3(Medium)

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet.

CWE-12842022

CVE-2023-20582

MEDIUM
CVSS:5.3(Medium)

Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a lo...

CWE-12842023

CVE-2023-4439

MEDIUM
CVSS:5.3(Medium)

A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. ...

CWE-12842023