Vulnerabilities in AMD
443 resultsCVE-2024-21925HIGHImproper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code exEPSS 0.2%CVE-2021-26384—A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentEPSS 0.2%CVE-2022-23829HIGHA potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native SystEPSS 0.2%CVE-2025-0033MEDIUMImproper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentialEPSS 0.2%CVE-2025-54505LOWA transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor uEPSS 0.2%CVE-2021-26409HIGHInsufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SEPSS 0.2%CVE-2021-26371MEDIUMA compromised or malicious ABL or UApp could
send a SHA256 system call to the bootloader, which may result in exposure of
ASP memory to userEPSS 0.2%CVE-2021-26347—Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in tEPSS 0.2%CVE-2024-21979MEDIUM
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformedEPSS 0.2%CVE-2024-21972MEDIUM
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformedEPSS 0.2%CVE-2024-36343MEDIUMImproper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bEPSS 0.2%CVE-2021-26404MEDIUMImproper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure.
EPSS 0.2%CVE-2021-26328MEDIUMFailure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.
EPSS 0.2%CVE-2021-26407MEDIUMA randomly generated Initialization Vector (IV) may lead to a collision of IVs with the same key potentially resulting in information discloEPSS 0.2%CVE-2021-26343MEDIUMInsufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software to disclose the contents of sensitive memoEPSS 0.2%CVE-2024-36321HIGHUnquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrarEPSS 0.2%CVE-2025-0035HIGHUnquoted search path within AMD Cloud Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbiEPSS 0.2%CVE-2025-54520HIGHImproper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platfoEPSS 0.2%CVE-2023-31348HIGHA DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code EPSS 0.2%CVE-2022-23817HIGHInsufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application toEPSS 0.2%