Vulnerabilities > AMD > Ryzen Threadripper PRO 3795Wx Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-14	CVE-2021-46774	Unspecified vulnerability in AMD products Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. network low complexity amd	7.5
2023-04-02	CVE-2023-20558	Unspecified vulnerability in AMD products Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. network low complexity amd	8.8
2023-04-02	CVE-2023-20559	Unspecified vulnerability in AMD products Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. network low complexity amd	8.8
2023-01-11	CVE-2021-26316	Improper Input Validation vulnerability in AMD products Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. local low complexity amd CWE-20	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.