Vulnerabilidades em AMD
443 resultadosCVE-2024-36346MEDIUMImproper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input daEPSS 0.1%CVE-2024-21923HIGHIncorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary codEPSS 0.1%CVE-2024-21922HIGHA DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary coEPSS 0.1%CVE-2024-36326HIGHMissing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, poteEPSS 0.1%CVE-2025-0036LOWIn AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause dEPSS 0.1%CVE-2021-26403MEDIUMInsufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confideEPSS 0.1%CVE-2024-36352HIGHImproper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to aEPSS 0.1%CVE-2024-36311MEDIUMA Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validEPSS 0.1%CVE-2025-54519HIGHA DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary coEPSS 0.1%CVE-2024-36333HIGHA DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arEPSS 0.1%CVE-2025-0009MEDIUMA NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a sysEPSS 0.1%CVE-2023-31330LOWAn out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memorEPSS 0.1%CVE-2025-0034MEDIUMInsufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cauEPSS 0.1%CVE-2023-31351MEDIUMImproper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integEPSS 0.1%CVE-2025-61971MEDIUMMissing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentiaEPSS 0.1%CVE-2023-20578HIGHA TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify EPSS 0.1%CVE-2025-0029LOWImproper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writeEPSS 0.1%CVE-2025-52538HIGHImproper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resultingEPSS 0.1%CVE-2025-48509LOWMissing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of EPSS 0.1%CVE-2025-0038MEDIUMIn AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow accesEPSS 0.1%