Export limit exceeded: 363853 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363853 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363853 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363853 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (432 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0034 | 1 Amd | 2 Instinct Mi300x, Instinct Mi325x | 2026-04-15 | 4.7 Medium |
| Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service. | ||||
| CVE-2025-0011 | 1 Amd | 12 Radeon, Radeon Pro V520, Radeon Pro V620 and 9 more | 2026-04-15 | 3.3 Low |
| Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality. | ||||
| CVE-2025-0005 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 7.3 High |
| Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service. | ||||
| CVE-2021-26410 | 1 Amd | 15 Radeon Pro V520, Radeon Pro V620, Radeon Pro W5000 Series and 12 more | 2026-04-15 | N/A |
| Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. | ||||
| CVE-2025-0007 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 5.7 Medium |
| Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity, and/or availability. | ||||
| CVE-2024-36316 | 1 Amd | 19 Radeon Pro V520, Radeon Pro V620, Radeon Pro V710 and 16 more | 2026-04-15 | 5.5 Medium |
| The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service | ||||
| CVE-2023-31322 | 1 Amd | 3 Radeon, Radeon Pro W7000, Radeon Rx 7000 | 2026-04-15 | 8.7 High |
| Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-21923 | 1 Amd | 1 Storemi | 2026-04-15 | 7.3 High |
| Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
| CVE-2024-36342 | 1 Amd | 10 Athlon, Athlon 3000, Instinct Mi210 and 7 more | 2026-04-15 | 8.8 High |
| Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. | ||||
| CVE-2024-36311 | 1 Amd | 5 Ryzen 5000 Series Desktop Processors, Ryzen 7000 Series Desktop Processors, Ryzen 7040 Series Mobile Processors With Radeon Graphics and 2 more | 2026-04-15 | N/A |
| A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2023-20601 | 1 Amd | 2 Radeon Pro Vii, Radeon Vii | 2026-04-15 | N/A |
| Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition. | ||||
| CVE-2025-61969 | 1 Amd | 1 Amd Uprof | 2026-04-15 | N/A |
| Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-0031 | 1 Amd | 9 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 6 more | 2026-04-15 | N/A |
| A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. | ||||
| CVE-2024-36320 | 1 Amd | 28 Radeon Pro Vii, Radeon Pro W5000 Series, Radeon Pro W6000 Series and 25 more | 2026-04-15 | N/A |
| Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability | ||||
| CVE-2024-21922 | 1 Amd | 1 Storemi | 2026-04-15 | 7.3 High |
| A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2023-31330 | 1 Amd | 8 Athlon, Athlon 3000, Ryzen 3000 and 5 more | 2026-04-15 | 2.5 Low |
| An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality. | ||||
| CVE-2024-21970 | 1 Amd | 9 Athlon, Athlon 3000, Ryzen and 6 more | 2026-04-15 | 4.4 Medium |
| Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity. | ||||
| CVE-2024-2193 | 2 Amd, Xen | 2 Cpu, Xen | 2026-04-15 | 5.7 Medium |
| A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. | ||||
| CVE-2024-36319 | 1 Amd | 14 Instinct Mi300a, Instinct Mi300x, Instinct Mi308x and 11 more | 2026-04-15 | N/A |
| Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system. | ||||
| CVE-2024-36326 | 1 Amd | 3 Ryzen, Ryzen 7040, Ryzen Ai 300 | 2026-04-15 | 8.4 High |
| Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity. | ||||