Vulnerabilities > AMD > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2022-23815 | Out-of-bounds Write vulnerability in AMD products Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. | 8.2 |
| 2024-08-13 | CVE-2023-31348 | Uncontrolled Search Path Element vulnerability in AMD Uprof A DLL hijacking vulnerability in AMD µProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | 7.8 |
| 2024-08-13 | CVE-2023-31349 | Incorrect Default Permissions vulnerability in AMD Uprof Incorrect default permissions in the AMD µProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | 7.8 |
| 2024-08-05 | CVE-2024-21978 | Unspecified vulnerability in AMD products Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. | 7.9 |
| 2024-08-05 | CVE-2024-21980 | Out-of-bounds Write vulnerability in AMD products Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. | 7.9 |
| 2024-02-13 | CVE-2021-46757 | Unspecified vulnerability in AMD products Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation. | 7.8 |
| 2023-11-14 | CVE-2021-46774 | Unspecified vulnerability in AMD products Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. | 7.5 |
| 2023-11-14 | CVE-2023-20533 | Unspecified vulnerability in AMD products Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. | 7.5 |
| 2023-11-14 | CVE-2023-20563 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-20565 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |