Filtered by vendor Amd
Subscriptions
Total
263 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-26311 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2024-09-17 | 7.2 High |
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | ||||
CVE-2020-12961 | 1 Amd | 90 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 87 more | 2024-09-17 | 7.8 High |
A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections. | ||||
CVE-2021-46771 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2024-09-17 | 7.8 High |
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. | ||||
CVE-2021-26400 | 1 Amd | 1 Cpu | 2024-09-17 | 4.0 Medium |
AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | ||||
CVE-2022-23823 | 1 Amd | 284 A10-9600p, A10-9600p Firmware, A10-9630p and 281 more | 2024-09-17 | 6.5 Medium |
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | ||||
CVE-2020-12960 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-09-17 | 5.5 Medium |
AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS). | ||||
CVE-2021-26337 | 1 Amd | 224 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 221 more | 2024-09-17 | 5.5 Medium |
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. | ||||
CVE-2021-26375 | 1 Amd | 167 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 164 more | 2024-09-17 | 5.5 Medium |
Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. | ||||
CVE-2020-12980 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-09-17 | 7.8 High |
An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
CVE-2020-12901 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-09-17 | 5.5 Medium |
Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure. | ||||
CVE-2021-26401 | 2 Amd, Redhat | 255 A10-9600p, A10-9600p Firmware, A10-9630p and 252 more | 2024-09-17 | 5.6 Medium |
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||||
CVE-2020-12898 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-09-17 | 7.8 High |
Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | ||||
CVE-2020-12983 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-09-17 | 7.8 High |
An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | ||||
CVE-2021-26327 | 1 Amd | 40 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 37 more | 2024-09-17 | 5.5 Medium |
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality. | ||||
CVE-2022-27674 | 4 Amd, Freebsd, Linux and 1 more | 4 Amd Uprof, Freebsd, Linux Kernel and 1 more | 2024-09-17 | 7.5 High |
Insufficient validation in the IOCTL input/output buffer in AMD μProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service. | ||||
CVE-2021-26314 | 6 Amd, Arm, Broadcom and 3 more | 11 Ryzen 5 5600x, Ryzen 7 2700x, Ryzen Threadripper 2990wx and 8 more | 2024-09-17 | 5.5 Medium |
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. | ||||
CVE-2020-12900 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-09-17 | 7.8 High |
An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service. | ||||
CVE-2021-26363 | 1 Amd | 67 Radeon Software, Ryzen 3 3100, Ryzen 3 3100 Firmware and 64 more | 2024-09-17 | 4.4 Medium |
A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. | ||||
CVE-2020-12929 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-09-17 | 7.8 High |
Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution . | ||||
CVE-2021-26339 | 1 Amd | 168 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 165 more | 2024-09-17 | 5.5 Medium |
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. |