Vulnerabilities > AMD

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2020-12967 Command Injection vulnerability in AMD products
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
network
low complexity
amd CWE-77
critical
9.0
2021-05-13 CVE-2021-26311 Command Injection vulnerability in AMD products
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
network
low complexity
amd CWE-77
critical
9.0
2020-11-12 CVE-2020-12927 Unspecified vulnerability in AMD Vbios Flash Tool Software Development KIT
A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.
local
low complexity
amd
7.2
2020-11-12 CVE-2020-12926 Time-Of-Check Time-Of-Use (Toctou) Race Condition vulnerability in AMD Trusted Platform Modules Reference
The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens.
local
amd CWE-367
4.4
2020-11-12 CVE-2020-12912 Information Exposure Through Discrepancy vulnerability in AMD Energy Driver for Linux
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks.
local
low complexity
amd CWE-203
2.1
2020-10-13 CVE-2020-12928 Improper Privilege Management vulnerability in AMD Ryzen Master
A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.
local
low complexity
amd CWE-269
7.2
2020-10-13 CVE-2020-12933 Out-Of-Bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017
A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g.
local
low complexity
amd CWE-125
4.9
2020-10-13 CVE-2020-12911 Out-Of-Bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017
A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g.
local
low complexity
amd CWE-125
4.9
2020-07-20 CVE-2020-6103 Out-Of-Bounds Write vulnerability in AMD Radeon Directx 11 Driver Atidxx64.Dll 26.20.15019.19000
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000.
network
low complexity
amd CWE-787
6.5
2020-07-20 CVE-2020-6102 Improper Input Validation vulnerability in AMD Radeon Directx 11 Driver Atidxx64.Dll 26.20.15019.19000
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000.
network
low complexity
amd CWE-20
6.5