CVE-2023-25506

HIGH Year: 2023
CVSS v3 Score
8.2
High
Weakness Type
CWE-788
View all →

Vulnerability Description

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.

Related Vulnerabilities

CVE-2020-24412

HIGH
CVSS:7.8(High)

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in...

CWE-7882020

CVE-2020-24413

HIGH
CVSS:7.8(High)

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in...

CWE-7882020

CVE-2020-24414

HIGH
CVSS:7.8(High)

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in...

CWE-7882020

CVE-2020-24415

HIGH
CVSS:7.8(High)

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in...

CWE-7882020

CVE-2020-9727

HIGH
CVSS:7.8(High)

A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resu...

CWE-7882020

CVE-2020-9728

HIGH
CVSS:7.8(High)

A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resu...

CWE-7882020