Filtered by vendor Amd
Subscribe
Total
281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21946 | 1 Amd | 1 Ryzen Master Utility For Overclocking Control | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21938 | 1 Amd | 1 Management Plugin For Sccm | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21939 | 1 Amd | 1 Cloud Manageability Service | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21945 | 1 Amd | 1 Ryzen Master Monitoring Software Development Kit | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21957 | 1 Amd | 1 Management Console | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21958 | 1 Amd | 1 Provisioning Console | 2024-12-18 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2023-31307 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-13 | N/A | 2.3 LOW |
| Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service. | |||||
| CVE-2021-26367 | 1 Amd | 102 Athlon Gold 3150c, Athlon Gold 3150c Firmware, Athlon Gold 3150g and 99 more | 2024-12-12 | N/A | 5.7 MEDIUM |
| A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability. | |||||
| CVE-2023-20584 | 1 Amd | 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more | 2024-12-12 | N/A | 5.3 MEDIUM |
| IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. | |||||
| CVE-2023-20510 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-12 | N/A | 4.7 MEDIUM |
| An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service. | |||||
| CVE-2023-31366 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 3.3 LOW |
| Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service. | |||||
| CVE-2023-31349 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2023-31348 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 7.3 HIGH |
| A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2024-21937 | 1 Amd | 2 Radeon Software, Radeon Software For Hip | 2024-11-27 | N/A | 7.3 HIGH |
| Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2023-20575 | 1 Amd | 176 Epyc 5552, Epyc 5552 Firmware, Epyc 7232p and 173 more | 2024-11-27 | N/A | 6.5 MEDIUM |
| A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. | |||||
| CVE-2019-5478 | 1 Amd | 82 Zu11eg, Zu11eg Firmware, Zu15eg and 79 more | 2024-11-27 | 2.1 LOW | 5.5 MEDIUM |
| A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior. | |||||
| CVE-2023-31339 | 2 Amd, Arm | 43 Trusted Firmware-a, Zu11eg, Zu15eg and 40 more | 2024-11-27 | N/A | 4.8 MEDIUM |
| Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service. | |||||
| CVE-2024-21980 | 1 Amd | 172 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 169 more | 2024-11-26 | N/A | 7.9 HIGH |
| Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. | |||||
| CVE-2024-21978 | 1 Amd | 172 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 169 more | 2024-11-26 | N/A | 6.0 MEDIUM |
| Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. | |||||
| CVE-2023-31355 | 1 Amd | 172 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 169 more | 2024-11-26 | N/A | 6.0 MEDIUM |
| Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest. | |||||