{
"Source": "CVE FEED",
"Title": "CVE-2024-36354 - Intel DIMM SMM Isolation Bypass Vulnerability",
"Content": "CVE ID : CVE-2024-36354
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36354 - Intel DIMM SMM Isolation Bypass Vulnerability",
"Content": "CVE ID : CVE-2024-36354
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-36352 - AMD Graphics Driver Pointer Validation Vulnerability",
"Content": "CVE ID : CVE-2024-36352
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36352 - AMD Graphics Driver Pointer Validation Vulnerability",
"Content": "CVE ID : CVE-2024-36352
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-21947 - Intel SMM Arbitrary Code Execution Vulnerability",
"Content": "CVE ID : CVE-2024-21947
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-21947 - Intel SMM Arbitrary Code Execution Vulnerability",
"Content": "CVE ID : CVE-2024-21947
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-21970 - AMD AND Power Management Firmware Array Index Validation Vulnerability",
"Content": "CVE ID : CVE-2024-21970
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-21970 - AMD AND Power Management Firmware Array Index Validation Vulnerability",
"Content": "CVE ID : CVE-2024-21970
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-36326 - AMD RomArmor Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2024-36326
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36326 - AMD RomArmor Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2024-36326
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-36331 - AMD SEV-SNP CPU Cache Memory Overwrite Vulnerability",
"Content": "CVE ID : CVE-2024-36331
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36331 - AMD SEV-SNP CPU Cache Memory Overwrite Vulnerability",
"Content": "CVE ID : CVE-2024-36331
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-36342 - NVIDIA GPU Driver Heap Overflow Vulnerability",
"Content": "CVE ID : CVE-2024-36342
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36342 - NVIDIA GPU Driver Heap Overflow Vulnerability",
"Content": "CVE ID : CVE-2024-36342
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2024-36346 - AMD Power Management Firmware (PMFW) GPU Reset Vulnerability",
"Content": "CVE ID : CVE-2024-36346
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2024-36346 - AMD Power Management Firmware (PMFW) GPU Reset Vulnerability",
"Content": "CVE ID : CVE-2024-36346
Published : Sept. 6, 2025, 6:15 p.m. | 21 minutes ago
Description : Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0009 - AMD Crash Defender NULL Pointer Dereference",
"Content": "CVE ID : CVE-2025-0009
Published : Sept. 6, 2025, 6:12 p.m. | 24 minutes ago
Description : A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0009 - AMD Crash Defender NULL Pointer Dereference",
"Content": "CVE ID : CVE-2025-0009
Published : Sept. 6, 2025, 6:12 p.m. | 24 minutes ago
Description : A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31365 - AMD SMU Integer Overflow Vulnerability",
"Content": "CVE ID : CVE-2023-31365
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31365 - AMD SMU Integer Overflow Vulnerability",
"Content": "CVE ID : CVE-2023-31365
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31322 - Apache ASP Type Confusion Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2023-31322
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31322 - Apache ASP Type Confusion Memory Corruption Vulnerability",
"Content": "CVE ID : CVE-2023-31322
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31325 - Xilinx Zynq-7000 SOC Data Confidentiality and Integrity Vulnerability",
"Content": "CVE ID : CVE-2023-31325
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31325 - Xilinx Zynq-7000 SOC Data Confidentiality and Integrity Vulnerability",
"Content": "CVE ID : CVE-2023-31325
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31330 - "Qualcomm Snapdragon ASP Out-of-Bounds Read Vulnerability"",
"Content": "CVE ID : CVE-2023-31330
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31330 - "Qualcomm Snapdragon ASP Out-of-Bounds Read Vulnerability"",
"Content": "CVE ID : CVE-2023-31330
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31351 - VMware vSphere IOMMU Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2023-31351
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31351 - VMware vSphere IOMMU Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2023-31351
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2023-31326 - Apache ASP Uninitialized Variable Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2023-31326
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2023-31326 - Apache ASP Uninitialized Variable Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2023-31326
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-58445 - Atlantis Exposes Service Version Publicly on /status API Endpoint",
"Content": "CVE ID : CVE-2025-58445
Published : Sept. 6, 2025, 8:15 p.m. | 29 minutes ago
Description : Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed version information through its /status endpoint. This information disclosure could allow attackers to identify and target known vulnerabilities associated with the specific versions, potentially compromising the service's security posture. This issue does not currently have a fix.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-58445 - Atlantis Exposes Service Version Publicly on /status API Endpoint",
"Content": "CVE ID : CVE-2025-58445
Published : Sept. 6, 2025, 8:15 p.m. | 29 minutes ago
Description : Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed version information through its /status endpoint. This information disclosure could allow attackers to identify and target known vulnerabilities associated with the specific versions, potentially compromising the service's security posture. This issue does not currently have a fix.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-58443 - FOG's authentication bypass leads to full SQL DB dump",
"Content": "CVE ID : CVE-2025-58443
Published : Sept. 6, 2025, 8:15 p.m. | 29 minutes ago
Description : FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: .
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-58443 - FOG's authentication bypass leads to full SQL DB dump",
"Content": "CVE ID : CVE-2025-58443
Published : Sept. 6, 2025, 8:15 p.m. | 29 minutes ago
Description : FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: .
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0011 - AMD Crash Defender Kernel Address Information Disclosure",
"Content": "CVE ID : CVE-2025-0011
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0011 - AMD Crash Defender Kernel Address Information Disclosure",
"Content": "CVE ID : CVE-2025-0011
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0032 - AMD CPU Microcode Patch Loading Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-0032
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0032 - AMD CPU Microcode Patch Loading Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-0032
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0034 - Qualcomm Snapdragon TEE SOC Driver Use-After-Free Buffer Overflow",
"Content": "CVE ID : CVE-2025-0034
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0034 - Qualcomm Snapdragon TEE SOC Driver Use-After-Free Buffer Overflow",
"Content": "CVE ID : CVE-2025-0034
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-58438 - internetarchive is vulnerable to Directory Traversal through file downloads",
"Content": "CVE ID : CVE-2025-58438
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method of the internetarchive library. The file.download() method does not properly sanitize user-supplied filenames or validate the final download path. A maliciously crafted filename could contain path traversal sequences (e.g., ../../../../windows/system32/file.txt) or illegal characters that, when processed, would cause the file to be written outside of the intended target directory. An attacker could potentially overwrite critical system files or application configuration files, leading to a denial of service, privilege escalation, or remote code execution, depending on the context in which the library is used. The vulnerability is particularly critical for users on Windows systems, but all operating systems are affected. This issue is fixed in version 5.5.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-58438 - internetarchive is vulnerable to Directory Traversal through file downloads",
"Content": "CVE ID : CVE-2025-58438
Published : Sept. 6, 2025, 7:15 p.m. | 1 hour, 29 minutes ago
Description : internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method of the internetarchive library. The file.download() method does not properly sanitize user-supplied filenames or validate the final download path. A maliciously crafted filename could contain path traversal sequences (e.g., ../../../../windows/system32/file.txt) or illegal characters that, when processed, would cause the file to be written outside of the intended target directory. An attacker could potentially overwrite critical system files or application configuration files, leading to a denial of service, privilege escalation, or remote code execution, depending on the context in which the library is used. The vulnerability is particularly critical for users on Windows systems, but all operating systems are affected. This issue is fixed in version 5.5.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "06 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹