Export limit exceeded: 363359 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (34 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-31364 1 Amd 33 Athlon 3000 Series Mobile Processors With Radeon Graphics, Epyc 7001 Series Processors, Epyc 7002 Series Processors and 30 more 2026-04-15 N/A
Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
CVE-2025-48518 1 Amd 9 Radeon Pro V710, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 6 more 2026-04-15 N/A
Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.
CVE-2025-29951 1 Amd 4 Ryzen 5000 Series Mobile Processors With Radeon Graphics, Ryzen Embedded R1000 Series Processors, Ryzen Embedded R2000 Series Processors and 1 more 2026-04-15 N/A
A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.
CVE-2024-36311 1 Amd 5 Ryzen 5000 Series Desktop Processors, Ryzen 7000 Series Desktop Processors, Ryzen 7040 Series Mobile Processors With Radeon Graphics and 2 more 2026-04-15 N/A
A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.
CVE-2025-29949 1 Amd 17 Ryzen 5000 Series Desktop Processors, Ryzen 5000 Series Desktop Processors With Radeon Graphics, Ryzen 5000 Series Mobile Processors With Radeon Graphics and 14 more 2026-04-15 N/A
Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.
CVE-2025-54514 1 Amd 10 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors, Ryzen 5000 Series Desktop Processors and 7 more 2026-04-15 N/A
Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
CVE-2021-26381 1 Amd 17 Radeon Pro V520, Radeon Pro V620, Radeon Pro W5000 Series and 14 more 2026-04-15 N/A
Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.
CVE-2021-26410 1 Amd 15 Radeon Pro V520, Radeon Pro V620, Radeon Pro W5000 Series and 12 more 2026-04-15 N/A
Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.
CVE-2024-21961 1 Amd 21 Epyc 7002 Series Processors, Epyc Embedded 7002 Series Processors, Ryzen 4000 Series Desktop Processors and 18 more 2026-04-15 N/A
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability.
CVE-2021-46750 1 Amd 11 Athlon, Athlon 3000, Radeon Pro V620 and 8 more 2026-04-15 3 Low
Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
CVE-2024-21947 1 Amd 8 Athlon, Athlon 3000, Ryzen and 5 more 2026-04-15 7.5 High
Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
CVE-2024-21970 1 Amd 9 Athlon, Athlon 3000, Ryzen and 6 more 2026-04-15 4.4 Medium
Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
CVE-2024-21977 1 Amd 11 Epyc, Epyc 7003, Epyc 8004 and 8 more 2026-04-15 3.2 Low
Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.
CVE-2023-20563 1 Amd 154 Ryzen 3 5100, Ryzen 3 5100 Firmware, Ryzen 3 5125c and 151 more 2024-11-21 7.8 High
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.