CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36336
https://notcve.org/view.php?id=CVE-2024-36336
02 Apr 2025 — Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36328
https://notcve.org/view.php?id=CVE-2024-36328
02 Apr 2025 — Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36337
https://notcve.org/view.php?id=CVE-2024-36337
02 Apr 2025 — Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0014
https://notcve.org/view.php?id=CVE-2025-0014
02 Apr 2025 — Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36353
https://notcve.org/view.php?id=CVE-2024-36353
02 Mar 2025 — Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values, potentially leading to loss of confidentiality. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6019.html • CWE-459: Incomplete Cleanup •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21971
https://notcve.org/view.php?id=CVE-2024-21971
12 Feb 2025 — Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31345
https://notcve.org/view.php?id=CVE-2023-31345
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-20508
https://notcve.org/view.php?id=CVE-2023-20508
11 Feb 2025 — Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31343
https://notcve.org/view.php?id=CVE-2023-31343
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31342
https://notcve.org/view.php?id=CVE-2023-31342
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •