Filtered by vendor Amd
Subscriptions
Total
287 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-21946 | 1 Amd | 2 Ryzen Master, Ryzen Master Utility For Overclocking Control | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
CVE-2024-21938 | 1 Amd | 1 Management Plugin For Sccm | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
CVE-2024-21939 | 1 Amd | 2 Cloud Manageability Service, Cloud Manageability Service Acms Software | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
CVE-2024-21945 | 1 Amd | 2 Ryzen Master, Ryzen Master Monitoring Software Development Kit | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
CVE-2024-21957 | 1 Amd | 1 Management Console | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
CVE-2024-21958 | 1 Amd | 2 Provisioning Console, Provisioning Console Apc Software | 2024-12-18 | 7.3 High |
Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
CVE-2023-31307 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-13 | 2.3 Low |
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service. | ||||
CVE-2023-31341 | 1 Amd | 2 Amd Uprof, Uprof | 2024-12-13 | 7.3 High |
Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service. | ||||
CVE-2022-23815 | 1 Amd | 36 Athlon 3000g, Athlon Gold 3150g, Athlon Gold 3150g Firmware and 33 more | 2024-12-13 | 7.5 High |
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. | ||||
CVE-2021-26367 | 1 Amd | 102 Athlon Gold 3150c, Athlon Gold 3150c Firmware, Athlon Gold 3150g and 99 more | 2024-12-12 | 5.7 Medium |
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability. | ||||
CVE-2021-26344 | 1 Amd | 141 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 138 more | 2024-12-12 | 7.2 High |
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution. | ||||
CVE-2023-20591 | 1 Amd | 132 Epyc 7003 Firmware, Epyc 7203, Epyc 7203 Firmware and 129 more | 2024-12-12 | 6.5 Medium |
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability. | ||||
CVE-2023-20584 | 2 Amd, Redhat | 135 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 132 more | 2024-12-12 | 5.3 Medium |
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. | ||||
CVE-2023-20510 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-12 | 4.7 Medium |
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service. | ||||
CVE-2023-31366 | 1 Amd | 1 Uprof | 2024-12-12 | 3.3 Low |
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service. | ||||
CVE-2023-31349 | 1 Amd | 2 Amd Uprof, Uprof | 2024-12-12 | 7.3 High |
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
CVE-2023-31348 | 1 Amd | 2 Uprof, Uprof Tool | 2024-12-12 | 7.3 High |
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
CVE-2023-20566 | 1 Amd | 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more | 2024-12-03 | 5.3 Medium |
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. | ||||
CVE-2022-23821 | 1 Amd | 214 Athlon 3015ce, Athlon 3015ce Firmware, Athlon 3015e and 211 more | 2024-12-03 | 9.8 Critical |
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. | ||||
CVE-2024-21937 | 1 Amd | 5 Amd Software Adrenalin Edition, Amd Software Cloud Edition, Amd Software Pro Edition and 2 more | 2024-11-27 | 7.3 High |
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. |