VYPR
Vendor

AMD

Products
263
CVEs
355
Across products
271
Status
Private

Products

263
View all 263 products →

Recent CVEs

355
View all 355 CVEs →
  • CVE-2026-0481CriMay 15, 2026
    risk 0.60cvss epss 0.00

    Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability

  • CVE-2018-6547CriApr 13, 2018
    risk 0.59cvss 9.1epss 0.01

    plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes non-user controlled data as SYSTEM to the file when the…

  • CVE-2018-8936CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation.

  • CVE-2018-8935CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.

  • CVE-2018-8934CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.

  • CVE-2018-8933CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3.

  • CVE-2018-8932CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.

  • CVE-2018-8931CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.

  • CVE-2018-8930CriMar 22, 2018
    risk 0.59cvss 9.0epss 0.02

    The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3.

  • CVE-2023-31317HigMay 15, 2026
    risk 0.57cvss epss 0.00

    Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer (ASP) could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution.

  • CVE-2023-20514HigFeb 11, 2026
    risk 0.57cvss epss 0.00

    Improper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution

  • CVE-2023-31322HigSep 6, 2025
    risk 0.57cvss 8.7epss 0.00

    Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or…

  • CVE-2024-21962HigMay 15, 2026
    risk 0.56cvss epss 0.00

    Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution.

  • CVE-2025-54517HigMay 15, 2026
    risk 0.55cvss epss 0.00

    Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution.

  • CVE-2025-29936HigMay 15, 2026
    risk 0.55cvss epss 0.00

    Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.

  • CVE-2025-29935HigMay 15, 2026
    risk 0.55cvss epss 0.00

    An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability.

  • CVE-2026-0432HigMay 15, 2026
    risk 0.55cvss epss 0.00

    Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.

  • CVE-2025-52540HigMay 15, 2026
    risk 0.55cvss epss 0.00

    An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.

  • CVE-2025-48519HigMay 15, 2026
    risk 0.55cvss epss 0.00

    An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation

  • CVE-2025-61972HigMay 13, 2026
    risk 0.55cvss epss 0.00

    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality…