Vulnerabilities > AMD
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2023-20555 | Out-of-bounds Write vulnerability in AMD products Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. | 7.8 |
| 2023-08-08 | CVE-2023-20556 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20561 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20562 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. | 7.8 |
| 2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
| 2023-08-08 | CVE-2023-20586 | Unspecified vulnerability in AMD Radeon Software A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. | 9.8 |
| 2023-08-08 | CVE-2023-20588 | Divide By Zero vulnerability in multiple products A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | 5.5 |
| 2023-08-08 | CVE-2023-20589 | Unspecified vulnerability in AMD products An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. low complexity amd | 6.8 |
| 2023-08-01 | CVE-2023-20583 | Information Exposure Through Discrepancy vulnerability in AMD * A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |
| 2023-07-24 | CVE-2023-20593 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | 5.5 |