Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2021-26365
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-05-09
CVE-2021-26371
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-09
CVE-2021-26379
Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity and privilege escalation.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-05-09
CVE-2021-26397
Insufficient address validation, may allow an attacker with a compromised ABL and UApp to corrupt sensitive memory locations potentially resulting in a loss of integrity or availability.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-05-09
CVE-2021-26406
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-09
CVE-2021-46749
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-09
CVE-2023-29341
AV1 Video Extension Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.008
Published
2023-05-09
CVE-2023-29343
SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.142
Published
2023-05-09
CVE-2023-2609
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-05-09
CVE-2023-31472
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.
CVSS Score
7.5
EPSS Score
0.285
Published
2023-05-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved