Vulnerabilities > AMD
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-20594 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
| 2023-09-20 | CVE-2023-20597 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
| 2023-08-15 | CVE-2023-20560 | Improper Input Validation vulnerability in AMD Ryzen Master and Ryzen Master Monitoring SDK Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. | 4.4 |
| 2023-08-15 | CVE-2023-20564 | Improper Input Validation vulnerability in AMD Ryzen Master and Ryzen Master Monitoring SDK Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | 6.7 |
| 2023-08-08 | CVE-2023-20555 | Out-of-bounds Write vulnerability in AMD products Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. | 7.8 |
| 2023-08-08 | CVE-2023-20556 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20561 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20562 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. | 7.8 |
| 2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
| 2023-08-08 | CVE-2023-20586 | Unspecified vulnerability in AMD Radeon Software A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. | 9.8 |