Filtered by vendor Amd
Subscribe
Total
252 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8930 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2023-12-10 | 9.3 HIGH | 9.0 CRITICAL |
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | |||||
CVE-2015-7724 | 1 Amd | 1 Fglrx-driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |||||
CVE-2015-7723 | 1 Amd | 1 Fglrx-driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | |||||
CVE-2017-5926 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
CVE-2017-5925 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
CVE-2017-5927 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
CVE-2017-7262 | 1 Amd | 1 Ryzen | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. | |||||
CVE-2013-6885 | 1 Amd | 3 16h Model 00h Processor, 16h Model 0fh Processor, 16h Model Processor Firmware | 2023-12-10 | 4.7 MEDIUM | N/A |
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. | |||||
CVE-2008-3890 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. | |||||
CVE-2008-1615 | 2 Amd, Redhat | 3 Amd64, Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 4.9 MEDIUM | N/A |
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | |||||
CVE-2007-4315 | 3 Amd, Ati, Microsoft | 3 Catalyst Driver, Catalyst Driver, Windows Vista | 2023-12-10 | 6.9 MEDIUM | N/A |
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill". | |||||
CVE-2007-4574 | 3 Amd, Intel, Redhat | 3 Amd64, Ia64, Enterprise Linux | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. |