Filtered by vendor Amd
Subscribe
Total
284 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12893 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12892 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution. | |||||
| CVE-2020-12891 | 1 Amd | 2 Radeon Pro Software, Radeon Software | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable. | |||||
| CVE-2020-12890 | 1 Amd | 1 Amd Generic Encapsulated Software Architecture | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or administrative access to potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system. | |||||
| CVE-2020-12138 | 1 Amd | 1 Atillk64 | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages. | |||||
| CVE-2019-9836 | 2 Amd, Opensuse | 16 Epyc 7251, Epyc 7261, Epyc 7281 and 13 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation. | |||||
| CVE-2019-7247 | 1 Amd | 1 Overdrive | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | |||||
| CVE-2019-7246 | 1 Amd | 1 Atillk64 | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | |||||
| CVE-2019-5183 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2024-11-21 | 6.8 MEDIUM | 9.0 CRITICAL |
| An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5147 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5146 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5124 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5098 | 3 Amd, Microsoft, Vmware | 6 Radeon 550, Radeon 550 Firmware, Radeon Rx 550 and 3 more | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5049 | 1 Amd | 6 Radeon 550, Radeon 550 Firmware, Radeon Rx 550 and 3 more | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2018-8936 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. | |||||
| CVE-2018-8935 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | |||||
| CVE-2018-8934 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | |||||
| CVE-2018-8933 | 1 Amd | 2 Epyc Server, Epyc Server Firmware | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3. | |||||
| CVE-2018-8932 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | |||||
| CVE-2018-8931 | 1 Amd | 6 Ryzen, Ryzen Firmware, Ryzen Mobile and 3 more | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | |||||