Vulnerabilities > AMD > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-20564 | Improper Input Validation vulnerability in AMD Ryzen Master and Ryzen Master Monitoring SDK Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | 6.7 |
| 2023-08-08 | CVE-2023-20556 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20561 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. | 5.5 |
| 2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
| 2023-08-08 | CVE-2023-20588 | Divide By Zero vulnerability in multiple products A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | 5.5 |
| 2023-08-08 | CVE-2023-20589 | Unspecified vulnerability in AMD products An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. low complexity amd | 6.8 |
| 2023-08-01 | CVE-2023-20583 | Information Exposure Through Discrepancy vulnerability in AMD * A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |
| 2023-07-24 | CVE-2023-20593 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | 5.5 |
| 2023-07-11 | CVE-2023-20575 | Information Exposure Through Discrepancy vulnerability in AMD products A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. | 6.5 |
| 2023-05-09 | CVE-2021-46759 | Out-of-bounds Write vulnerability in AMD products Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity. | 6.1 |