Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability.
CWE-787
CVE-2021-26411
Internet Explorer Memory Corruption Vulnerability
CVE-2021-26419
Scripting Engine Memory Corruption Vulnerability
CVE-2021-26330
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.
CVE-2021-26222
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVE-2021-26233
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.