Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-11 | CVE-2021-46767 | Improper Input Validation vulnerability in AMD Milanpi Firmware and Romepi Firmware Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service. | 6.1 |
| 2023-01-11 | CVE-2022-23814 | Improper Input Validation vulnerability in AMD Milanpi-Sp3 Firmware Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment. | 5.3 |
| 2023-01-11 | CVE-2023-20522 | Improper Input Validation vulnerability in AMD Milanpi Firmware and Romepi Firmware Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20525 | Improper Input Validation vulnerability in AMD products Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service. | 6.5 |
| 2023-01-11 | CVE-2023-20527 | Improper Input Validation vulnerability in AMD products Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service. | 6.5 |
| 2023-01-11 | CVE-2023-20528 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. | 2.4 |
| 2023-01-11 | CVE-2023-20530 | Improper Input Validation vulnerability in AMD products Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20532 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. | 5.3 |
| 2023-01-11 | CVE-2023-22963 | Improper Input Validation vulnerability in Personnummer The personnummer implementation before 3.0.3 for Dart mishandles numbers in which the last four digits match the ^000[0-9]$ regular expression. | 5.3 |
| 2023-01-10 | CVE-2023-0139 | Improper Input Validation vulnerability in Google Chrome Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 6.5 |