Filtered by vendor Amd
Subscribe
Total
252 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12892 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution. | |||||
CVE-2020-12965 | 1 Amd | 126 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 123 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. | |||||
CVE-2021-26325 | 1 Amd | 40 Epyc 7232p, Epyc 7232p Firmware, Epyc 72f3 and 37 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service. | |||||
CVE-2021-26331 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. | |||||
CVE-2020-12898 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
CVE-2020-12963 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system. | |||||
CVE-2021-26340 | 1 Amd | 210 Epyc 7001, Epyc 7001 Firmware, Epyc 7232p and 207 more | 2023-12-10 | 3.6 LOW | 8.4 HIGH |
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM). | |||||
CVE-2021-26337 | 1 Amd | 224 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 221 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. | |||||
CVE-2020-12905 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure. | |||||
CVE-2021-26335 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. | |||||
CVE-2021-26320 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP | |||||
CVE-2020-12903 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service. | |||||
CVE-2020-12897 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass. | |||||
CVE-2021-26333 | 1 Amd | 2 Chipset Driver, Psp Driver | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages. | |||||
CVE-2020-12962 | 2 Amd, Microsoft | 2 Radeon Software, Windows | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Escape call interface in the AMD Graphics Driver for Windows may cause privilege escalation. | |||||
CVE-2020-12899 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service. | |||||
CVE-2020-12900 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service. | |||||
CVE-2020-12929 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution . | |||||
CVE-2021-26338 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources. | |||||
CVE-2021-26334 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2023-12-10 | 9.0 HIGH | 9.9 CRITICAL |
The AMDPowerProfiler.sys driver of AMD µProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. |