Vulnerabilities > AMD > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2021-26391 | Unspecified vulnerability in AMD products Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel. | 7.8 |
| 2022-11-09 | CVE-2021-26392 | Out-of-bounds Write vulnerability in AMD products Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA. | 7.8 |
| 2022-11-09 | CVE-2022-23831 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL input buffer in AMD µProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service. | 7.5 |
| 2022-11-09 | CVE-2022-27673 | Unspecified vulnerability in AMD Link Insufficient access controls in the AMD Link Android app may potentially result in information disclosure. | 7.5 |
| 2022-11-09 | CVE-2022-27674 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation in the IOCTL input/output buffer in AMD µProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service. | 7.5 |
| 2022-07-14 | CVE-2021-26384 | Out-of-bounds Write vulnerability in AMD products A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. | 7.8 |
| 2022-05-12 | CVE-2021-26317 | Unspecified vulnerability in AMD products Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. | 7.8 |
| 2022-05-12 | CVE-2021-26386 | Out-of-bounds Write vulnerability in AMD products A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. | 7.8 |
| 2022-05-12 | CVE-2021-26366 | Unspecified vulnerability in AMD products An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. | 7.1 |
| 2022-05-10 | CVE-2021-26324 | Unspecified vulnerability in AMD products A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. | 7.2 |