VYPR

Vendor CVEs

AMD

All CVEs

355 total · sorted by risk
  • CVE-2020-12901Nov 15, 2021
    risk 0.00cvss epss 0.00

    Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.

  • CVE-2020-12898Nov 15, 2021
    risk 0.00cvss epss 0.00

    Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

  • CVE-2020-12892Nov 15, 2021
    risk 0.00cvss epss 0.00

    An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.

  • CVE-2020-12963Nov 15, 2021
    risk 0.00cvss epss 0.00

    An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.

  • CVE-2020-12895Nov 15, 2021
    risk 0.00cvss epss 0.00

    Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service.

  • CVE-2020-12929Nov 15, 2021
    risk 0.00cvss epss 0.00

    Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution .

  • CVE-2020-12920Nov 15, 2021
    risk 0.00cvss epss 0.00

    A potential denial of service issue exists in the AMD Display driver Escape 0x130007 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck.

  • CVE-2020-12902Nov 15, 2021
    risk 0.00cvss epss 0.00

    Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

  • CVE-2020-12897Nov 15, 2021
    risk 0.00cvss epss 0.00

    Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

  • CVE-2020-12899Nov 15, 2021
    risk 0.00cvss epss 0.00

    Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.

  • CVE-2020-12900Nov 15, 2021
    risk 0.00cvss epss 0.00

    An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service.

  • CVE-2020-12904Nov 15, 2021
    risk 0.00cvss epss 0.00

    Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.

  • CVE-2020-12964Nov 15, 2021
    risk 0.00cvss epss 0.00

    A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.

  • CVE-2021-26318Oct 13, 2021
    risk 0.00cvss epss 0.00

    A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information.

  • CVE-2021-26333Sep 21, 2021
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from…

  • CVE-2020-12987Jun 11, 2021
    risk 0.00cvss epss 0.00

    A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

  • CVE-2020-12986Jun 11, 2021
    risk 0.00cvss epss 0.00

    An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.

  • CVE-2020-12985Jun 11, 2021
    risk 0.00cvss epss 0.00

    An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

  • CVE-2020-12983Jun 11, 2021
    risk 0.00cvss epss 0.00

    An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.

  • CVE-2020-12982Jun 11, 2021
    risk 0.00cvss epss 0.00

    An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

  • CVE-2020-12981Jun 11, 2021
    risk 0.00cvss epss 0.00

    An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.

  • CVE-2020-12980Jun 11, 2021
    risk 0.00cvss epss 0.00

    An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.

  • CVE-2021-26311May 13, 2021
    risk 0.00cvss epss 0.02

    In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has…

  • CVE-2020-12967May 13, 2021
    risk 0.00cvss epss 0.02

    The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.

  • CVE-2021-27208Mar 15, 2021
    risk 0.00cvss epss 0.00

    When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. IF a field read in from the parameter page is too large, this causes a buffer overflow that could…

  • CVE-2020-12927Nov 12, 2020
    risk 0.00cvss epss 0.00

    A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.

  • CVE-2020-12926Nov 12, 2020
    risk 0.00cvss epss 0.00

    The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical…

  • CVE-2020-12911Oct 13, 2020
    risk 0.00cvss epss 0.00

    A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This…

  • CVE-2020-12928Oct 13, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

  • CVE-2020-12933Oct 13, 2020
    risk 0.00cvss epss 0.00

    A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTEscape API request can cause an out-of-bounds read in Windows OS kernel memory area. This vulnerability can be…

  • CVE-2020-6103Jul 20, 2020
    risk 0.00cvss epss 0.03

    An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability…

  • CVE-2020-6102Jul 20, 2020
    risk 0.00cvss epss 0.03

    An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability…

  • CVE-2020-6101Jul 20, 2020
    risk 0.00cvss epss 0.03

    An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability…

  • CVE-2020-6100Jul 20, 2020
    risk 0.00cvss epss 0.02

    An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This…

  • CVE-2019-7246May 18, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to…

  • CVE-2019-7247May 18, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of…

  • CVE-2020-12138Apr 27, 2020
    risk 0.00cvss epss 0.03

    AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT…

  • CVE-2020-8950Feb 12, 2020
    risk 0.00cvss epss 0.01

    The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary…

  • CVE-2019-5183Jan 25, 2020
    risk 0.00cvss epss 0.02

    An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a…

  • CVE-2019-5146Jan 25, 2020
    risk 0.00cvss epss 0.02

    An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability…

  • CVE-2019-5147Jan 25, 2020
    risk 0.00cvss epss 0.02

    An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability…

  • CVE-2019-5124Jan 25, 2020
    risk 0.00cvss epss 0.02

    An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability…

  • CVE-2019-5098Dec 5, 2019
    risk 0.00cvss epss 0.02

    An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This…

  • CVE-2019-5049Oct 31, 2019
    risk 0.00cvss epss 0.02

    An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this…

  • CVE-2019-5478Sep 3, 2019
    risk 0.00cvss epss 0.00

    A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.

  • CVE-2019-9836Jun 25, 2019
    risk 0.00cvss epss 0.02

    Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.

  • CVE-2018-12211Mar 14, 2019
    risk 0.00cvss epss 0.00

    Insufficient input validation in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an…

  • CVE-2018-12209Mar 14, 2019
    risk 0.00cvss epss 0.00

    Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an…

  • CVE-2018-12216Mar 14, 2019
    risk 0.00cvss epss 0.00

    Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a…

  • CVE-2018-12217Mar 14, 2019
    risk 0.00cvss epss 0.00

    Insufficient access control in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a…

Page 7 of 8