Vulnerabilities > AMD > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-11 | CVE-2020-12982 | Release of Invalid Pointer or Reference vulnerability in AMD Radeon PRO Software and Radeon Software An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | 7.8 |
| 2021-06-11 | CVE-2020-12983 | Out-of-bounds Write vulnerability in AMD Radeon PRO Software and Radeon Software An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | 7.8 |
| 2021-06-11 | CVE-2020-12985 | Improper Input Validation vulnerability in AMD Radeon PRO Software and Radeon Software An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | 7.8 |
| 2021-06-11 | CVE-2020-12986 | Improper Input Validation vulnerability in AMD Radeon PRO Software and Radeon Software An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service. | 7.8 |
| 2021-05-13 | CVE-2020-12967 | Command Injection vulnerability in AMD products The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 7.2 |
| 2021-05-13 | CVE-2021-26311 | Command Injection vulnerability in AMD products In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | 7.2 |
| 2020-11-12 | CVE-2020-12927 | Unspecified vulnerability in AMD Vbios Flash Tool Software Development KIT A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system. | 7.8 |
| 2020-10-13 | CVE-2020-12928 | Unspecified vulnerability in AMD Ryzen Master A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system. | 7.8 |
| 2020-04-27 | CVE-2020-12138 | Missing Authorization vulnerability in AMD Atillk64 5.11.9.0 AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. | 8.8 |
| 2020-02-12 | CVE-2020-8950 | Link Following vulnerability in AMD User Experience Program 1.0.0.1 The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name. | 7.8 |