VYPR

Vendor CVEs

AMD

All CVEs

355 total · sorted by risk
  • CVE-2024-21935MedSep 23, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption.

  • CVE-2024-21927MedSep 23, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.

  • CVE-2023-20508MedFeb 12, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.

  • CVE-2023-31310MedAug 13, 2024
    risk 0.33cvss 5.0epss 0.00

    Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.

  • CVE-2025-29949MedFeb 10, 2026
    risk 0.31cvss epss 0.00

    Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.

  • CVE-2025-0034MedSep 6, 2025
    risk 0.31cvss 4.7epss 0.00

    Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.

  • CVE-2023-31339MedAug 13, 2024
    risk 0.31cvss 4.8epss 0.00

    Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.

  • CVE-2022-27672MedMar 1, 2023
    risk 0.31cvss 4.7epss 0.00

    When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

  • CVE-2025-66664MedMay 15, 2026
    risk 0.30cvss epss 0.00

    Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception

  • CVE-2024-36345MedMay 15, 2026
    risk 0.30cvss epss 0.00

    Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.

  • CVE-2023-20601MedFeb 12, 2026
    risk 0.30cvss epss 0.00

    Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.

  • CVE-2025-48517MedFeb 10, 2026
    risk 0.30cvss epss 0.00

    Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.

  • CVE-2025-0031MedFeb 10, 2026
    risk 0.30cvss epss 0.00

    A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.

  • CVE-2025-29943MedJan 16, 2026
    risk 0.30cvss epss 0.00

    Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.

  • CVE-2025-29946MedFeb 10, 2026
    risk 0.29cvss epss 0.00

    Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.

  • CVE-2023-31356MedAug 13, 2024
    risk 0.29cvss 4.4epss 0.00

    Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.

  • CVE-2021-26377MedSep 6, 2025
    risk 0.27cvss 4.1epss 0.00

    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.

  • CVE-2025-54509MedJun 9, 2026
    risk 0.26cvss epss 0.00

    Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.

  • CVE-2025-48514MedFeb 10, 2026
    risk 0.26cvss epss 0.00

    Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.

  • CVE-2021-46772LowAug 13, 2024
    risk 0.25cvss 3.9epss 0.00

    Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.

  • CVE-2021-26387LowAug 13, 2024
    risk 0.25cvss 3.9epss 0.00

    Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.

  • CVE-2025-0011LowSep 6, 2025
    risk 0.21cvss 3.3epss 0.00

    Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.

  • CVE-2025-0036LowJun 10, 2025
    risk 0.21cvss 3.2epss 0.00

    In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.

  • CVE-2023-20513LowAug 13, 2024
    risk 0.21cvss 3.3epss 0.00

    An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.

  • CVE-2023-31331LowFeb 11, 2025
    risk 0.20cvss 3.0epss 0.00

    Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.

  • CVE-2025-54505LowApr 27, 2026
    risk 0.13cvss epss 0.00

    A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality.

  • CVE-2024-2502LowAug 29, 2024
    risk 0.13cvss 2.0epss 0.00

    An application can be configured to block boot attempts after consecutive tamper resets are detected, which may not occur as expected. This is possible because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event (a tamper reset) occurs. This…

  • CVE-2025-66660LowMay 15, 2026
    risk 0.12cvss epss 0.00

    Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior.

  • CVE-2025-0029LowFeb 10, 2026
    risk 0.12cvss epss 0.00

    Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity

  • CVE-2023-31305LowAug 13, 2024
    risk 0.12cvss 1.9epss 0.00

    Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.

  • CVE-2023-20518LowAug 13, 2024
    risk 0.12cvss 1.9epss 0.00

    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.

  • CVE-2005-2127Aug 19, 2005
    risk 0.08cvss epss 0.64

    Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet…

  • CVE-2025-54515LowNov 23, 2025
    risk 0.07cvss epss 0.00

    The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the…

  • CVE-2019-1125Sep 3, 2019
    risk 0.05cvss epss 0.05

    An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…

  • CVE-2023-6538Dec 11, 2023
    risk 0.03cvss epss 0.02

    SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to…

  • CVE-1999-1442Jun 22, 1998
    risk 0.03cvss epss 0.01

    Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.

  • CVE-2023-20562Aug 8, 2023
    risk 0.01cvss epss 0.01

    Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

  • CVE-2023-20593Jul 24, 2023
    risk 0.01cvss epss 0.06

    An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

  • CVE-2026-45853May 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates memory for ranges using kvcalloc(), which may use vmalloc() for large allocation.…

  • CVE-2023-20548Feb 11, 2026
    risk 0.00cvss epss 0.00

    A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.

  • CVE-2023-31324Feb 11, 2026
    risk 0.00cvss epss 0.00

    A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or…

  • CVE-2025-71195Feb 4, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap…

  • CVE-2025-68793Jan 13, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls…

  • CVE-2025-68313Dec 16, 2025
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly…

  • CVE-2025-29933Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service

  • CVE-2025-48511Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.

  • CVE-2025-48510Nov 24, 2025
    risk 0.00cvss epss 0.00

    Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

  • CVE-2025-48502Nov 21, 2025
    risk 0.00cvss epss 0.00

    Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.

  • CVE-2025-38583Aug 19, 2025
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pll_post only if registered correctly If registration of pll_post is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to…

  • CVE-2023-31359May 13, 2025
    risk 0.00cvss epss 0.00

    Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Page 3 of 8