Security Vulnerabilities - CVEs Published In August 2023
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-08
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
CVSS Score
7.8
EPSS Score
0.084
Published
2023-08-08
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations
CVSS Score
9.8
EPSS Score
0.002
Published
2023-08-08
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVSS Score
5.5
EPSS Score
0.063
Published
2023-08-08
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-08-08
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS Score
9.8
EPSS Score
0.036
Published
2023-08-08
Microsoft Teams Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.006
Published
2023-08-08
Microsoft Teams Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.006
Published
2023-08-08
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-08