CVEs classified under CWE-1231, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-36354 — CVSS 7.5 (high): Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a…
CVE-2025-52536: Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting…
CVE-2022-42285 — CVSS 6.0 (medium): DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection…