Filtered by vendor Amd Subscriptions
Total 287 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-20575 1 Amd 176 Epyc 5552, Epyc 5552 Firmware, Epyc 7232p and 173 more 2024-11-27 6.5 Medium
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information.
CVE-2019-5478 1 Amd 82 Zu11eg, Zu11eg Firmware, Zu15eg and 79 more 2024-11-27 5.5 Medium
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
CVE-2023-31339 2 Amd, Arm 43 Trusted Firmware-a, Zu11eg, Zu15eg and 40 more 2024-11-27 4.8 Medium
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
CVE-2024-21980 1 Amd 174 Epyc 7003 Firmware, Epyc 7203, Epyc 7203 Firmware and 171 more 2024-11-26 7.9 High
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
CVE-2024-21978 1 Amd 174 Epyc 7003 Firmware, Epyc 7203, Epyc 7203 Firmware and 171 more 2024-11-26 6 Medium
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVE-2023-31355 1 Amd 172 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 169 more 2024-11-26 6 Medium
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVE-2023-4969 3 Amd, Imaginationtech, Khronos 261 Athlon 3000g, Athlon 3000g Firmware, Instinct Mi100 and 258 more 2024-11-21 6.5 Medium
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2023-44216 8 Amd, Apple, Canonical and 5 more 17 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 14 more 2024-11-21 5.3 Medium
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
CVE-2023-39281 3 Amd, Insyde, Intel 279 Athlon Gold 7220u, Athlon Silver 7120u, Ryzen3 5300u and 276 more 2024-11-21 9.8 Critical
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
CVE-2023-31347 1 Amd 123 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 120 more 2024-11-21 4.9 Medium
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  
CVE-2023-31346 2 Amd, Redhat 128 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 125 more 2024-11-21 6.0 Medium
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVE-2023-31320 1 Amd 113 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 110 more 2024-11-21 7.5 High
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
CVE-2023-20598 1 Amd 107 Radeon Pro W5500, Radeon Pro W5700, Radeon Pro W6300 and 104 more 2024-11-21 7.8 High
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
CVE-2023-20597 1 Amd 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more 2024-11-21 5.5 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20596 1 Amd 128 Ryzen 3 5125c, Ryzen 3 5125c Firmware, Ryzen 3 5300g and 125 more 2024-11-21 9.8 Critical
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
CVE-2023-20594 1 Amd 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more 2024-11-21 4.4 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20593 4 Amd, Debian, Redhat and 1 more 147 Athlon Gold 7220u, Athlon Gold 7220u Firmware, Epyc 7232p and 144 more 2024-11-21 5.5 Medium
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVE-2023-20592 2 Amd, Redhat 141 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 138 more 2024-11-21 6.5 Medium
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.
CVE-2023-20589 1 Amd 244 4700s, 4700s Firmware, Athlon Gold 3150c and 241 more 2024-11-21 6.8 Medium
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. 
CVE-2023-20588 5 Amd, Debian, Fedoraproject and 2 more 78 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 75 more 2024-11-21 5.5 Medium
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.