Search Results (432 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52536 1 Amd 8 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 5 more 2026-04-15 N/A
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
CVE-2025-29952 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity
CVE-2025-0003 1 Amd 1 Xilinx Run Time 2026-04-15 7.3 High
Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of confidentiality or availability
CVE-2025-52541 1 Amd 1 Vivado Installation 2026-04-15 7.3 High
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2025-0012 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.
CVE-2023-31330 1 Amd 8 Athlon, Athlon 3000, Ryzen 3000 and 5 more 2026-04-15 2.5 Low
An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
CVE-2023-31364 1 Amd 33 Athlon 3000 Series Mobile Processors With Radeon Graphics, Epyc 7001 Series Processors, Epyc 7002 Series Processors and 30 more 2026-04-15 N/A
Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
CVE-2024-21922 1 Amd 1 Storemi 2026-04-15 7.3 High
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2025-54515 2 Amd, Arm 4 Alveo, Versal, Cortex-a and 1 more 2026-04-15 N/A
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.
CVE-2023-31326 1 Amd 8 Instinct Mi210, Instinct Mi250, Radeon Pro V710 and 5 more 2026-04-15 2.8 Low
Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
CVE-2025-0029 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity
CVE-2023-31351 1 Amd 4 Epyc, Epyc 7003, Epyc 8004 and 1 more 2026-04-15 5.3 Medium
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
CVE-2025-48518 1 Amd 9 Radeon Pro V710, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 6 more 2026-04-15 N/A
Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.
CVE-2025-0009 1 Amd 9 Athlon, Radeon Pro V520, Radeon Pro V620 and 6 more 2026-04-15 5.5 Medium
A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
CVE-2023-31322 1 Amd 3 Radeon, Radeon Pro W7000, Radeon Rx 7000 2026-04-15 8.7 High
Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability.
CVE-2024-21923 1 Amd 1 Storemi 2026-04-15 7.3 High
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2025-0031 1 Amd 9 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 6 more 2026-04-15 N/A
A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.
CVE-2023-20516 1 Amd 7 Instinct Mi210, Instinct Mi250, Radeon and 4 more 2026-04-15 3.3 Low
Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
CVE-2025-48515 1 Amd 5 Ryzen 5000 Series Desktop Processors, Ryzen 5000 Series Desktop Processors With Radeon Graphics, Ryzen 5000 Series Mobile Processors With Radeon Graphics and 2 more 2026-04-15 N/A
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.
CVE-2024-36319 1 Amd 14 Instinct Mi300a, Instinct Mi300x, Instinct Mi308x and 11 more 2026-04-15 N/A
Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.