Filtered by vendor Amd
Subscribe
Total
294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36333 | 1 Amd | 18 Cleanup Utility, Radeon Pro Vii, Radeon Pro W5500 and 15 more | 2026-05-18 | N/A | 7.8 HIGH |
| A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
| CVE-2017-5925 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
| CVE-2015-7723 | 1 Amd | 1 Fglrx-driver | 2026-05-13 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | |||||
| CVE-2017-5926 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
| CVE-2017-5927 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
| CVE-2015-7724 | 1 Amd | 1 Fglrx-driver | 2026-05-13 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |||||
| CVE-2017-7262 | 1 Amd | 1 Ryzen | 2026-05-13 | 4.9 MEDIUM | 5.5 MEDIUM |
| The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. | |||||
| CVE-2013-6885 | 1 Amd | 3 16h Model 00h Processor, 16h Model 0fh Processor, 16h Model Processor Firmware | 2026-04-29 | 4.7 MEDIUM | N/A |
| The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. | |||||
| CVE-2008-3890 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2026-04-23 | 7.2 HIGH | N/A |
| The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. | |||||
| CVE-2007-4315 | 3 Amd, Ati, Microsoft | 3 Catalyst Driver, Catalyst Driver, Windows Vista | 2026-04-23 | 6.9 MEDIUM | N/A |
| The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill". | |||||
| CVE-2007-4574 | 3 Amd, Intel, Redhat | 3 Amd64, Ia64, Enterprise Linux | 2026-04-23 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2008-1615 | 2 Amd, Redhat | 3 Amd64, Enterprise Linux, Enterprise Linux Desktop | 2026-04-23 | 4.9 MEDIUM | N/A |
| Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | |||||
| CVE-2005-1036 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2026-04-16 | 7.2 HIGH | 7.8 HIGH |
| FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | |||||
| CVE-2022-27672 | 1 Amd | 330 A10-9600p, A10-9600p Firmware, A10-9630p and 327 more | 2026-04-13 | N/A | 4.7 MEDIUM |
| When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | |||||
| CVE-2023-31324 | 1 Amd | 26 Instinct Mi210, Instinct Mi250, Instinct Mi300a and 23 more | 2026-03-05 | N/A | 7.8 HIGH |
| A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability. | |||||
| CVE-2023-20548 | 1 Amd | 26 Instinct Mi210, Instinct Mi250, Instinct Mi300a and 23 more | 2026-03-05 | N/A | 7.8 HIGH |
| A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability. | |||||
| CVE-2021-26353 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2026-02-24 | 7.2 HIGH | 7.8 HIGH |
| Failure to validate inputs in SMM may allow an attacker to create a mishandled error leaving the DRTM UApp in a partially initialized state potentially resulting in loss of memory integrity. | |||||
| CVE-2024-36340 | 1 Amd | 1 Uprof | 2025-11-26 | N/A | 6.6 MEDIUM |
| A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure. | |||||
| CVE-2025-29933 | 1 Amd | 1 Uprof | 2025-11-26 | N/A | 5.5 MEDIUM |
| Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service | |||||
| CVE-2025-48502 | 1 Amd | 1 Uprof | 2025-11-26 | N/A | 5.5 MEDIUM |
| Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. | |||||