cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-31315,https://securityvulnerability.io/vulnerability/CVE-2023-31315,Potential vulnerability in MSR could lead to arbitrary code execution,"CVE-2023-31315 is a potential vulnerability in AMD's model specific register (MSR) that could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. The vulnerability affects the majority of AMD processors and has been patched by AMD in the Ryzen 3000 Series desktop processors. It has not been exploited by ransomware groups. Additionally, there are warnings about multiple cloud service provider attacks related to the Black Hat USA conference, and a potential vulnerability in Office that could lead to sensitive data leakage.",Amd,"3rd Gen Amd Epyc™ Processors,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V1000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processors With Radeon™ Graphics",7.5,HIGH,0.0004299999854993075,false,true,false,false,,false,false,2024-08-12T13:38:00.000Z,0
CVE-2022-23829,https://securityvulnerability.io/vulnerability/CVE-2022-23829,Potential weakness in AMD SPI protection features may allow malicious attackers to bypass kernel mode protections,"A potential weakness in the SPI protection features of AMD systems enables a malicious actor with Ring0 (kernel mode) access to circumvent the built-in protections of the System Management Mode (SMM) ROM. This may lead to unauthorized access to critical system functions, potentially compromising the integrity of the entire system. Organizations utilizing affected AMD products should assess their security measures and enhance their defenses against potential exploitation.",Amd,"Amd Ryzen™ Threadripper™ Pro Processors 5900 Wx-series,Amd Ryzen™ 6000 Series Mobile Processors And Workstations,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 5000 Series Mobile Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors,Amd Ryzen™ 3000 Series Mobile Processor / 2nd Gen Amd Ryzen™ Mobile Processor With Radeon™ Graphics,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ Pro Processor,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc (tm) Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzentm Embedded R1000,Amd Ryzentm Embedded R2000,Amd Ryzentm Embedded 5000,Amd Ryzentm Embedded V1000,Amd Ryzentm Embedded V2000,Amd Ryzentm Embedded V3000",8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-06-18T19:01:24.315Z,0
CVE-2023-20587,https://securityvulnerability.io/vulnerability/CVE-2023-20587,"{""Arbitrary Code Execution Vulnerability in SMM's SPI Flash""}","An improper access control vulnerability in AMD's System Management Mode (SMM) may allow attackers unauthorized access to system components, specifically targeting the Serial Peripheral Interface (SPI) flash. This exploitation can potentially lead to arbitrary code execution, granting attackers elevated privileges and the ability to execute malicious code within the system. It is crucial for users and organizations utilizing AMD products to review their systems and apply necessary mitigations as outlined in AMD's security advisory.",AMD,"3rd Gen AMD EPYC™ Processors,4th Gen AMD EPYC™ Processors,1st Gen AMD EPYC™ Processors,2nd Gen AMD EPYC™ Processors,AMD EPYC(TM) Embedded 3000 ,AMD EPYC(TM) Embedded 7002 ,AMD EPYC(TM) Embedded 7003,AMD EPYC(TM) Embedded 9003",,,0.0004299999854993075,false,false,false,false,,false,false,2024-02-13T19:31:22.706Z,0
CVE-2023-20521,https://securityvulnerability.io/vulnerability/CVE-2023-20521,,"TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",Amd,"Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded V1000",3.3,LOW,0.0005600000149570405,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20592,https://securityvulnerability.io/vulnerability/CVE-2023-20592,,"Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.












",Amd,"1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",6.5,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20526,https://securityvulnerability.io/vulnerability/CVE-2023-20526,,Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.,Amd,"Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™  Embedded 3000,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003",4.6,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20533,https://securityvulnerability.io/vulnerability/CVE-2023-20533,,"Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003,Amd Ryzen™  Embedded 5000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003",7.5,HIGH,0.0010400000028312206,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2021-26345,https://securityvulnerability.io/vulnerability/CVE-2021-26345,,Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.,Amd,"2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003",1.9,LOW,0.0007300000288523734,false,false,false,false,,false,false,2023-11-14T18:53:20.979Z,0
CVE-2021-46774,https://securityvulnerability.io/vulnerability/CVE-2021-46774,,"Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™  Embedded 5000",6.7,MEDIUM,0.0010400000028312206,false,false,false,false,,false,false,2023-11-14T18:52:11.012Z,0
CVE-2023-20569,https://securityvulnerability.io/vulnerability/CVE-2023-20569,,"


A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.



















",Amd,"Ryzen™ 3000 Series Desktop Processors,Ryzen™ Pro 3000 Series Desktop Processors,Ryzen™ 3000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 3000 Series Processors With Radeon™ Vega Graphics,Athlon™ 3000 Series Processors With Radeon™ Graphics,Athlon™ Pro 3000 Series Processors With Radeon™ Vega Graphics,Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 4000 Series Desktop Processors,Ryzen™ 5000 Series Desktop Processors,Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 5000 Series Desktop Processors,Ryzen™ Threadripper™ 2000 Series Processors,Ryzen™ Threadripper™ 5000 Series Processors,Ryzen™ Threadripper™ 3000 Series Processors,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Ryzen™ 5000 Series Processors With Radeon™ Graphics,Ryzen™ Pro 5000 Series Processors,Ryzen™ 6000 Series Processors With Radeon™ Graphics,Ryzen™ Pro 6000 Series Processors,Ryzen™ 7040 Series Processors With Radeon™ Graphics,Ryzen™ 7000 Series Processors,Ryzen™ 7000 Series Processors With Radeon™ Graphics,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™  Processors,4th Gen Amd Epyc™  Processors",4.7,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-20593,https://securityvulnerability.io/vulnerability/CVE-2023-20593,,"
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.






",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics “renoir” Am4,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 7020 Series Processors “mendocino” Ft6,2nd Gen Amd Epyc™ Processors",5.5,MEDIUM,0.0008900000248104334,false,true,false,true,true,false,false,2023-07-24T20:15:00.000Z,0
CVE-2023-20575,https://securityvulnerability.io/vulnerability/CVE-2023-20575,,"
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information.









",Amd,"1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors",6.5,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2023-07-11T19:15:00.000Z,0
CVE-2023-20520,https://securityvulnerability.io/vulnerability/CVE-2023-20520,,"Improper access control settings in ASP
Bootloader may allow an attacker to corrupt the return address causing a
stack-based buffer overrun potentially leading to arbitrary code execution.







",AMD,"1st Gen AMD EPYC™ ,2nd Gen AMD EPYC™ ,3rd Gen AMD EPYC™ ",9.8,CRITICAL,0.003100000089034438,false,false,false,false,,false,false,2023-05-09T19:15:00.000Z,0
CVE-2023-20524,https://securityvulnerability.io/vulnerability/CVE-2023-20524,,"An attacker with a compromised ASP could
possibly send malformed commands to an ASP on another CPU, resulting in an out
of bounds write, potentially leading to a loss a loss of integrity.







",AMD,"2nd Gen AMD EPYC™ ,3rd Gen AMD EPYC™ ",7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2023-05-09T19:15:00.000Z,0
CVE-2021-46756,https://securityvulnerability.io/vulnerability/CVE-2021-46756,Input Validation Flaw in AMD Secure Processor Bootloader,"The AMD Secure Processor bootloader exhibits an insufficient validation of user inputs in the SVC_MAP_USER_STACK. This flaw permits an attacker utilizing a compromised user application (Uapp) or a malicious ABL to issue malformed system calls to the bootloader, potentially leading to a denial of service and compromising the integrity of the system.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",9.1,CRITICAL,0.001019999966956675,false,false,false,false,,false,false,2023-05-09T19:00:35.599Z,0
CVE-2021-26406,https://securityvulnerability.io/vulnerability/CVE-2021-26406,Insufficient Validation in AMD Secure Encrypted Virtualization Products,"This vulnerability arises from insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in AMD Secure Encrypted Virtualization (SEV) systems. It poses a risk of host crashes that may lead to denial-of-service conditions, affecting the stability and reliability of applications relying on these technologies. Ensuring proper validation of these certificates is essential to mitigate potential disruptions and safeguard system integrity.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors",7.5,HIGH,0.0009699999936856329,false,false,false,false,,false,false,2023-05-09T18:59:29.119Z,0
CVE-2021-26371,https://securityvulnerability.io/vulnerability/CVE-2021-26371,,"A compromised or malicious ABL or UApp could
send a SHA256 system call to the bootloader, which may result in exposure of
ASP memory to userspace, potentially leading to information disclosure.








",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-05-09T18:59:16.122Z,0
CVE-2021-26356,https://securityvulnerability.io/vulnerability/CVE-2021-26356,TOCTOU Vulnerability in AMD Bootloader Affects SPI ROM Integrity,"A time-of-check to time-of-use (TOCTOU) vulnerability exists in the AMD ASP bootloader. This issue may allow an attacker to manipulate the SPI ROM after reading data into memory, which can lead to potential S3 data corruption and unintended information disclosure.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",7.4,HIGH,0.002520000096410513,false,false,false,false,,false,false,2023-05-09T18:58:48.108Z,0
CVE-2021-26354,https://securityvulnerability.io/vulnerability/CVE-2021-26354,,"Insufficient bounds checking in ASP may allow an
attacker to issue a system call from a compromised ABL which may cause
arbitrary memory values to be initialized to zero, potentially leading to a
loss of integrity.




",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-05-09T18:58:37.664Z,0
CVE-2021-46775,https://securityvulnerability.io/vulnerability/CVE-2021-46775,,"Improper input validation in ABL may enable an
attacker with physical access, to perform arbitrary memory overwrites,
potentially leading to a loss of integrity and code execution.



 















",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",6.8,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2023-05-09T18:36:26.852Z,0
CVE-2021-46769,https://securityvulnerability.io/vulnerability/CVE-2021-46769,Insufficient Syscall Input Validation in AMD ASP Bootloader,"The ASP Bootloader from AMD exhibits insufficient validation of syscall inputs, potentially enabling a privileged attacker to perform unauthorized Direct Memory Access (DMA) operations. This vulnerability can facilitate the execution of arbitrary code, posing a significant risk to system integrity and security. Users are advised to review the latest security advisories and apply necessary updates to mitigate potential threats.",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",8.8,HIGH,0.001019999966956675,false,false,false,false,,false,false,2023-05-09T18:36:25.695Z,0
CVE-2021-46764,https://securityvulnerability.io/vulnerability/CVE-2021-46764,Improper Memory Address Validation in AMD's System Management Unit,"The vulnerability in AMD's System Management Unit (SMU) stems from improper validation of DRAM addresses, which can be exploited by attackers to overwrite crucial memory locations. This flaw can potentially lead to a denial of service, disrupting the normal functioning of affected systems and exposing them to further risks. Users are encouraged to review security advisories and apply any necessary patches.",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",7.5,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2023-05-09T18:36:24.562Z,0
CVE-2021-46763,https://securityvulnerability.io/vulnerability/CVE-2021-46763,Insufficient Input Validation in AMD Software Management Utility,"The Software Management Utility from AMD suffers from insufficient input validation, which could allow a malicious actor to manipulate shared memory buffers. This may lead to writing beyond intended memory boundaries, increasing the risk of data integrity compromise and potential execution of unauthorized code.",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2023-05-09T18:36:23.834Z,0
CVE-2021-46762,https://securityvulnerability.io/vulnerability/CVE-2021-46762,,"Insufficient input validation in the SMU may
allow an attacker to corrupt SMU SRAM potentially leading to a loss of
integrity or denial of service.",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003",3.9,LOW,0.001019999966956675,false,false,false,false,,false,false,2023-05-09T18:36:23.081Z,0
CVE-2021-26379,https://securityvulnerability.io/vulnerability/CVE-2021-26379,Insufficient Input Validation in SMU of AMD Products,"The vulnerability arises from inadequate input validation of mailbox data within the System Management Unit (SMU), which may enable attackers to manipulate SMRAM, potentially compromising system integrity and allowing for privilege escalation.",Amd,"2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",9.8,CRITICAL,0.0020099999383091927,false,false,false,false,,false,false,2023-05-09T18:36:18.303Z,0