Search Results (432 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52541 1 Amd 1 Vivado Installation 2026-04-15 7.3 High
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2025-48518 1 Amd 9 Radeon Pro V710, Radeon Pro W7000 Series, Radeon Rx 7000 Series and 6 more 2026-04-15 N/A
Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service.
CVE-2025-29939 1 Amd 8 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 5 more 2026-04-15 N/A
Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity.
CVE-2025-0033 1 Amd 3 Epyc, Epyc 7003, Epyc 9005 2026-04-15 6 Medium
Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity.
CVE-2025-0009 1 Amd 9 Athlon, Radeon Pro V520, Radeon Pro V620 and 6 more 2026-04-15 5.5 Medium
A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
CVE-2022-27672 2 Amd, Redhat 331 A10-9600p, A10-9600p Firmware, A10-9630p and 328 more 2026-04-13 4.7 Medium
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
CVE-2023-31324 1 Amd 28 Instinct Mi210, Instinct Mi250, Instinct Mi300a and 25 more 2026-03-05 7.8 High
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability.
CVE-2023-20548 1 Amd 28 Instinct Mi210, Instinct Mi250, Instinct Mi300a and 25 more 2026-03-05 7.8 High
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.
CVE-2023-31358 1 Amd 1 Aim-t Manageability Api 2026-02-26 7.3 High
A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2023-31359 1 Amd 1 Aim-t Manageability Api 2026-02-26 7.3 High
Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2021-26353 1 Amd 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more 2026-02-24 7.8 High
Failure to validate inputs in SMM may allow an attacker to create a mishandled error leaving the DRTM UApp in a partially initialized state potentially resulting in loss of memory integrity.
CVE-2024-36340 1 Amd 1 Uprof 2025-11-26 6.6 Medium
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure.
CVE-2025-29933 1 Amd 1 Uprof 2025-11-26 5.5 Medium
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service
CVE-2025-48502 1 Amd 1 Uprof 2025-11-26 5.5 Medium
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.
CVE-2025-48510 1 Amd 1 Uprof 2025-11-26 7.1 High
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.
CVE-2025-48511 1 Amd 1 Uprof 2025-11-26 5.5 Medium
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.
CVE-2025-39705 2 Amd, Linux 2 Graphics Driver, Linux Kernel 2025-11-25 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(). When display control context (dc->ctx) construction fails (due to memory allocation failure), this pointer remains NULL. During subsequent error handling when dc_destruct() is called, there's no NULL check before dereferencing the perf_trace member (dc->ctx->perf_trace), causing a kernel null pointer dereference crash. [How] Check if dc->ctx is non-NULL before dereferencing. (Updated commit text and removed unnecessary error message) (cherry picked from commit 9dd8e2ba268c636c240a918e0a31e6feaee19404)
CVE-2023-20597 1 Amd 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more 2025-06-27 5.5 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20594 1 Amd 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more 2025-06-27 4.4 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-4969 3 Amd, Imaginationtech, Khronos 261 Athlon 3000g, Athlon 3000g Firmware, Instinct Mi100 and 258 more 2025-06-20 6.5 Medium
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.