CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36336
https://notcve.org/view.php?id=CVE-2024-36336
02 Apr 2025 — Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36328
https://notcve.org/view.php?id=CVE-2024-36328
02 Apr 2025 — Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36337
https://notcve.org/view.php?id=CVE-2024-36337
02 Apr 2025 — Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0014
https://notcve.org/view.php?id=CVE-2025-0014
02 Apr 2025 — Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-276: Incorrect Default Permissions •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20515
https://notcve.org/view.php?id=CVE-2023-20515
11 Feb 2025 — Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21966
https://notcve.org/view.php?id=CVE-2024-21966
11 Feb 2025 — A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9010.html • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21976
https://notcve.org/view.php?id=CVE-2024-21976
12 Nov 2024 — Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21975
https://notcve.org/view.php?id=CVE-2024-21975
12 Nov 2024 — Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21974
https://notcve.org/view.php?id=CVE-2024-21974
12 Nov 2024 — Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21949
https://notcve.org/view.php?id=CVE-2024-21949
12 Nov 2024 — Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation •