Filtered by vendor Amd Subscriptions
Total 287 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-21946 1 Amd 2 Ryzen Master, Ryzen Master Utility For Overclocking Control 2024-12-18 7.3 High
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2024-21938 1 Amd 1 Management Plugin For Sccm 2024-12-18 7.3 High
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2024-21939 1 Amd 2 Cloud Manageability Service, Cloud Manageability Service Acms Software 2024-12-18 7.3 High
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2024-21945 1 Amd 2 Ryzen Master, Ryzen Master Monitoring Software Development Kit 2024-12-18 7.3 High
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2024-21957 1 Amd 1 Management Console 2024-12-18 7.3 High
Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2024-21958 1 Amd 2 Provisioning Console, Provisioning Console Apc Software 2024-12-18 7.3 High
Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2023-31307 1 Amd 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more 2024-12-13 2.3 Low
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
CVE-2023-31341 1 Amd 2 Amd Uprof, Uprof 2024-12-13 7.3 High
Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service.
CVE-2022-23815 1 Amd 36 Athlon 3000g, Athlon Gold 3150g, Athlon Gold 3150g Firmware and 33 more 2024-12-13 7.5 High
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
CVE-2021-26367 1 Amd 102 Athlon Gold 3150c, Athlon Gold 3150c Firmware, Athlon Gold 3150g and 99 more 2024-12-12 5.7 Medium
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
CVE-2021-26344 1 Amd 141 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 138 more 2024-12-12 7.2 High
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.
CVE-2023-20591 1 Amd 132 Epyc 7003 Firmware, Epyc 7203, Epyc 7203 Firmware and 129 more 2024-12-12 6.5 Medium
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
CVE-2023-20584 2 Amd, Redhat 135 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 132 more 2024-12-12 5.3 Medium
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
CVE-2023-20510 1 Amd 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more 2024-12-12 4.7 Medium
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.
CVE-2023-31366 1 Amd 1 Uprof 2024-12-12 3.3 Low
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.
CVE-2023-31349 1 Amd 2 Amd Uprof, Uprof 2024-12-12 7.3 High
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2023-31348 1 Amd 2 Uprof, Uprof Tool 2024-12-12 7.3 High
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2023-20566 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-12-03 5.3 Medium
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
CVE-2022-23821 1 Amd 214 Athlon 3015ce, Athlon 3015ce Firmware, Athlon 3015e and 211 more 2024-12-03 9.8 Critical
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
CVE-2024-21937 1 Amd 5 Amd Software Adrenalin Edition, Amd Software Cloud Edition, Amd Software Pro Edition and 2 more 2024-11-27 7.3 High
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.