Filtered by vendor Amd
Subscriptions
Total
389 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0034 | 1 Amd | 2 Instinct Mi300x, Instinct Mi325x | 2026-04-15 | 4.7 Medium |
| Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service. | ||||
| CVE-2024-36342 | 1 Amd | 10 Athlon, Athlon 3000, Instinct Mi210 and 7 more | 2026-04-15 | 8.8 High |
| Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. | ||||
| CVE-2025-0012 | 1 Amd | 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors | 2026-04-15 | N/A |
| Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. | ||||
| CVE-2025-29948 | 1 Amd | 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors | 2026-04-15 | N/A |
| Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. | ||||
| CVE-2024-21981 | 1 Amd | 3 Athlon, Epyc, Ryzen | 2026-04-15 | 5.7 Medium |
| Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity. | ||||
| CVE-2025-29939 | 1 Amd | 8 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 5 more | 2026-04-15 | N/A |
| Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity. | ||||
| CVE-2025-48509 | 1 Amd | 8 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 5 more | 2026-04-15 | N/A |
| Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity | ||||
| CVE-2025-0005 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 7.3 High |
| Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service. | ||||
| CVE-2025-54514 | 1 Amd | 10 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors, Ryzen 5000 Series Desktop Processors and 7 more | 2026-04-15 | N/A |
| Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity. | ||||
| CVE-2025-29934 | 1 Amd | 8 Epyc, Epyc 8004, Epyc 9004 and 5 more | 2026-04-15 | 5.3 Medium |
| A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity. | ||||
| CVE-2025-0010 | 1 Amd | 10 Athlon, Graphics Driver, Instinct Mi200 and 7 more | 2026-04-15 | 6.1 Medium |
| An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2025-54519 | 1 Amd | 1 Vivado™ Documentation Navigator Installation (windows) | 2026-04-15 | 7.3 High |
| A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-52534 | 1 Amd | 1 Epyc 9005 Series Processors | 2026-04-15 | N/A |
| Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity. | ||||
| CVE-2023-31323 | 1 Amd | 7 Instinct Mi210, Instinct Mi250, Instinct Mi300a and 4 more | 2026-04-15 | N/A |
| Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2025-52536 | 1 Amd | 8 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 5 more | 2026-04-15 | N/A |
| Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity. | ||||
| CVE-2024-36346 | 1 Amd | 2 Instinct Mi300a, Instinct Mi300x | 2026-04-15 | 6 Medium |
| Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition. | ||||
| CVE-2024-2193 | 2 Amd, Xen | 2 Cpu, Xen | 2026-04-15 | 5.7 Medium |
| A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. | ||||
| CVE-2025-54515 | 2 Amd, Arm | 4 Alveo, Versal, Cortex-a and 1 more | 2026-04-15 | N/A |
| The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state. | ||||
| CVE-2024-21947 | 1 Amd | 8 Athlon, Athlon 3000, Ryzen and 5 more | 2026-04-15 | 7.5 High |
| Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level. | ||||
| CVE-2024-21977 | 1 Amd | 11 Epyc, Epyc 7003, Epyc 8004 and 8 more | 2026-04-15 | 3.2 Low |
| Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests. | ||||