Filtered by vendor Amd Subscriptions
Total 287 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21949 1 Amd 1 Ryzen Ai Software 2024-11-15 5.5 Medium
Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash.
CVE-2024-21974 1 Amd 1 Ryzen Ai Software 2024-11-15 8.8 High
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
CVE-2024-21975 1 Amd 1 Ryzen Ai Software 2024-11-15 8.8 High
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
CVE-2024-21976 1 Amd 1 Ryzen 2024-11-13 8.8 High
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
CVE-2023-20578 1 Amd 218 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 215 more 2024-10-02 7.5 High
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
CVE-2022-23817 1 Amd 128 Athlon 3000g Firmware, Athlon Gold 3150ge Firmware, Athlon Gold Pro 3150g Firmware and 125 more 2024-08-17 7 High
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
CVE-2024-21981 1 Amd 3 Athlon, Epyc, Ryzen 2024-08-15 5.7 Medium
Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.