cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-20521,https://securityvulnerability.io/vulnerability/CVE-2023-20521,,"TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",Amd,"Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded V1000",3.3,LOW,0.0005600000149570405,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20526,https://securityvulnerability.io/vulnerability/CVE-2023-20526,,Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.,Amd,"Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™  Embedded 3000,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003",4.6,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2022-23821,https://securityvulnerability.io/vulnerability/CVE-2022-23821,Improper Access Control Vulnerability in AMD System Management Mode,"This vulnerability involves improper access control within System Management Mode (SMM), which may permit an attacker to write to the Serial Peripheral Interface (SPI) ROM. Exploitation of this vulnerability could potentially lead to arbitrary code execution, posing significant security risks to affected systems. It is crucial for users and administrators of AMD platforms to be aware of this issue and implement necessary security measures to safeguard their environments.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse”,Ryzen™ 5000 Series Desktop Processors “vermeer”,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,Amd Ryzen™  Embedded R1000,Amd Ryzen™  Embedded R2000,Amd Ryzen™  Embedded 5000,Amd Ryzen™  Embedded V1000,Amd Ryzen™  Embedded V2000,Amd Ryzen™  Embedded V3000",9.8,CRITICAL,0.0028200000524520874,false,false,false,false,,false,false,2023-11-14T18:54:32.952Z,0
CVE-2022-23820,https://securityvulnerability.io/vulnerability/CVE-2022-23820,,"Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM potentially leading to arbitrary
code execution.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 7003",7.5,HIGH,0.002240000059828162,false,false,false,false,,false,false,2023-11-14T18:52:21.457Z,0
CVE-2021-46756,https://securityvulnerability.io/vulnerability/CVE-2021-46756,Input Validation Flaw in AMD Secure Processor Bootloader,"The AMD Secure Processor bootloader exhibits an insufficient validation of user inputs in the SVC_MAP_USER_STACK. This flaw permits an attacker utilizing a compromised user application (Uapp) or a malicious ABL to issue malformed system calls to the bootloader, potentially leading to a denial of service and compromising the integrity of the system.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",9.1,CRITICAL,0.001019999966956675,false,false,false,false,,false,false,2023-05-09T19:00:35.599Z,0
CVE-2021-26406,https://securityvulnerability.io/vulnerability/CVE-2021-26406,Insufficient Validation in AMD Secure Encrypted Virtualization Products,"This vulnerability arises from insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in AMD Secure Encrypted Virtualization (SEV) systems. It poses a risk of host crashes that may lead to denial-of-service conditions, affecting the stability and reliability of applications relying on these technologies. Ensuring proper validation of these certificates is essential to mitigate potential disruptions and safeguard system integrity.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors",7.5,HIGH,0.0009699999936856329,false,false,false,false,,false,false,2023-05-09T18:59:29.119Z,0
CVE-2021-26354,https://securityvulnerability.io/vulnerability/CVE-2021-26354,,"Insufficient bounds checking in ASP may allow an
attacker to issue a system call from a compromised ABL which may cause
arbitrary memory values to be initialized to zero, potentially leading to a
loss of integrity.


",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-05-09T18:58:37.664Z,0