CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36353
https://notcve.org/view.php?id=CVE-2024-36353
02 Mar 2025 — Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values, potentially leading to loss of confidentiality. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6019.html • CWE-459: Incomplete Cleanup •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21971
https://notcve.org/view.php?id=CVE-2024-21971
12 Feb 2025 — Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31345
https://notcve.org/view.php?id=CVE-2023-31345
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-20508
https://notcve.org/view.php?id=CVE-2023-20508
11 Feb 2025 — Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31343
https://notcve.org/view.php?id=CVE-2023-31343
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31342
https://notcve.org/view.php?id=CVE-2023-31342
11 Feb 2025 — Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html • CWE-20: Improper Input Validation •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20515
https://notcve.org/view.php?id=CVE-2023-20515
11 Feb 2025 — Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21966
https://notcve.org/view.php?id=CVE-2024-21966
11 Feb 2025 — A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9010.html • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21976
https://notcve.org/view.php?id=CVE-2024-21976
12 Nov 2024 — Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21975
https://notcve.org/view.php?id=CVE-2024-21975
12 Nov 2024 — Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7017.html • CWE-20: Improper Input Validation •