Vulnerabilities > AMD > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-20526 | Unspecified vulnerability in AMD products Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality. low complexity amd | 4.6 |
| 2023-11-14 | CVE-2023-20567 | Improper Verification of Cryptographic Signature vulnerability in multiple products Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution. | 6.7 |
| 2023-11-14 | CVE-2023-20568 | Improper Verification of Cryptographic Signature vulnerability in multiple products Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution. | 6.7 |
| 2023-11-14 | CVE-2023-20592 | Unspecified vulnerability in AMD products Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. | 6.5 |
| 2023-09-27 | CVE-2023-44216 | Information Exposure Through Discrepancy vulnerability in multiple products PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. | 5.3 |
| 2023-09-20 | CVE-2023-20594 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
| 2023-09-20 | CVE-2023-20597 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
| 2023-08-15 | CVE-2023-20560 | Improper Input Validation vulnerability in AMD Ryzen Master and Ryzen Master Monitoring SDK Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. | 4.4 |
| 2023-08-15 | CVE-2023-20564 | Improper Input Validation vulnerability in AMD Ryzen Master and Ryzen Master Monitoring SDK Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | 6.7 |
| 2023-08-08 | CVE-2023-20556 | Unspecified vulnerability in AMD Uprof 3.4.494/3.4.502 Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD µProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. | 5.5 |