cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-31315,https://securityvulnerability.io/vulnerability/CVE-2023-31315,Potential vulnerability in MSR could lead to arbitrary code execution,"CVE-2023-31315 is a potential vulnerability in AMD's model specific register (MSR) that could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. The vulnerability affects the majority of AMD processors and has been patched by AMD in the Ryzen 3000 Series desktop processors. It has not been exploited by ransomware groups. Additionally, there are warnings about multiple cloud service provider attacks related to the Black Hat USA conference, and a potential vulnerability in Office that could lead to sensitive data leakage.",Amd,"3rd Gen Amd Epyc™ Processors,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V1000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processors With Radeon™ Graphics",7.5,HIGH,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2022-23829,https://securityvulnerability.io/vulnerability/CVE-2022-23829,Potential weakness in AMD SPI protection features may allow malicious attackers to bypass kernel mode protections,"A potential weakness in the SPI protection features of AMD systems enables a malicious actor with Ring0 (kernel mode) access to circumvent the built-in protections of the System Management Mode (SMM) ROM. This may lead to unauthorized access to critical system functions, potentially compromising the integrity of the entire system. Organizations utilizing affected AMD products should assess their security measures and enhance their defenses against potential exploitation.",Amd,"Amd Ryzen™ Threadripper™ Pro Processors 5900 Wx-series,Amd Ryzen™ 6000 Series Mobile Processors And Workstations,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 5000 Series Mobile Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors,Amd Ryzen™ 3000 Series Mobile Processor / 2nd Gen Amd Ryzen™ Mobile Processor With Radeon™ Graphics,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ Pro Processor,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc (tm) Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzentm Embedded R1000,Amd Ryzentm Embedded R2000,Amd Ryzentm Embedded 5000,Amd Ryzentm Embedded V1000,Amd Ryzentm Embedded V2000,Amd Ryzentm Embedded V3000",8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-18T19:01:24.315Z,0
CVE-2023-20587,https://securityvulnerability.io/vulnerability/CVE-2023-20587,"{""Arbitrary Code Execution Vulnerability in SMM's SPI Flash""}","An improper access control vulnerability in AMD's System Management Mode (SMM) may allow attackers unauthorized access to system components, specifically targeting the Serial Peripheral Interface (SPI) flash. This exploitation can potentially lead to arbitrary code execution, granting attackers elevated privileges and the ability to execute malicious code within the system. It is crucial for users and organizations utilizing AMD products to review their systems and apply necessary mitigations as outlined in AMD's security advisory.",AMD,"3rd Gen AMD EPYC™ Processors,4th Gen AMD EPYC™ Processors,1st Gen AMD EPYC™ Processors,2nd Gen AMD EPYC™ Processors,AMD EPYC(TM) Embedded 3000 ,AMD EPYC(TM) Embedded 7002 ,AMD EPYC(TM) Embedded 7003,AMD EPYC(TM) Embedded 9003",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-13T19:31:22.706Z,0
CVE-2023-20592,https://securityvulnerability.io/vulnerability/CVE-2023-20592,Cache Line Write-back Vulnerability in AMD CPUs Affected by Malicious Hypervisors,"A vulnerability exists within certain AMD CPUs due to improper behavior of the INVD instruction when controlled by a malicious hypervisor. This flaw allows attackers to manipulate the cache line write-back mechanisms of the CPU, potentially compromising the memory integrity of guest virtual machines. As a result, sensitive data within virtual environments may be exposed to unauthorized access, posing a serious risk to cloud services and virtualization platforms.",Amd,"1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",6.5,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-11-14T19:15:00.000Z,0
CVE-2023-20526,https://securityvulnerability.io/vulnerability/CVE-2023-20526,Insufficient Input Validation in ASP Bootloader from AMD,"The ASP Bootloader by AMD is susceptible to a vulnerability that stems from insufficient input validation, allowing a privileged attacker with physical access to potentially access and expose sensitive ASP memory contents. This could result in a significant loss of confidentiality, making it crucial for users to prioritize security measures to mitigate the risk associated with this flaw.",Amd,"Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™  Embedded 3000,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003",4.6,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2023-11-14T19:15:00.000Z,0
CVE-2023-20521,https://securityvulnerability.io/vulnerability/CVE-2023-20521,TOCTOU Vulnerability in ASP Bootloader of AMD Products,"A time-of-check to time-of-use (TOCTOU) vulnerability exists within the ASP Bootloader utilized in certain AMD products. This security flaw allows an attacker with physical access to exploit the race condition during memory content verification. By tampering with SPI ROM records after the integrity check, the attacker could compromise confidentiality or potentially initiate a denial of service, undermining the reliability of the affected devices.",Amd,"Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded V1000",3.3,LOW,0.0005600000149570405,false,,false,false,false,,,false,false,,2023-11-14T19:15:00.000Z,0
CVE-2021-46774,https://securityvulnerability.io/vulnerability/CVE-2021-46774,Insufficient DRAM Address Validation in AMD System Management Unit,"The vulnerability in the System Management Unit (SMU) manifests as an insufficient validation of DRAM addresses. This flaw allows an attacker to read or write to invalid memory addresses, which could lead to instability and potential denial-of-service conditions. The issue is critical for systems relying on this management component, as it can compromise the security and reliability of the affected products.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™  Embedded 5000",6.7,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-11-14T18:52:11.012Z,0
CVE-2023-20569,https://securityvulnerability.io/vulnerability/CVE-2023-20569,Side Channel Vulnerability Affecting AMD Processors,"A side channel vulnerability has been identified in certain AMD CPUs, enabling attackers to manipulate the return address prediction. This flaw can result in speculative execution at addresses controlled by the attacker, which may lead to unauthorized information disclosure. It highlights the critical need for robust defensive measures to mitigate potential risks associated with speculative execution on affected processors.",Amd,"Ryzen™ 3000 Series Desktop Processors,Ryzen™ Pro 3000 Series Desktop Processors,Ryzen™ 3000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 3000 Series Processors With Radeon™ Vega Graphics,Athlon™ 3000 Series Processors With Radeon™ Graphics,Athlon™ Pro 3000 Series Processors With Radeon™ Vega Graphics,Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 4000 Series Desktop Processors,Ryzen™ 5000 Series Desktop Processors,Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics,Ryzen™ Pro 5000 Series Desktop Processors,Ryzen™ Threadripper™ 2000 Series Processors,Ryzen™ Threadripper™ 5000 Series Processors,Ryzen™ Threadripper™ 3000 Series Processors,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Ryzen™ 5000 Series Processors With Radeon™ Graphics,Ryzen™ Pro 5000 Series Processors,Ryzen™ 6000 Series Processors With Radeon™ Graphics,Ryzen™ Pro 6000 Series Processors,Ryzen™ 7040 Series Processors With Radeon™ Graphics,Ryzen™ 7000 Series Processors,Ryzen™ 7000 Series Processors With Radeon™ Graphics,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™  Processors,4th Gen Amd Epyc™  Processors",4.7,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-20575,https://securityvulnerability.io/vulnerability/CVE-2023-20575,Power Side-Channel Vulnerability in AMD Processors,"A power side-channel vulnerability exists in certain AMD processors that allows an authenticated attacker to leverage power reporting features. By monitoring the power consumption of a program's execution within an AMD Secure Encrypted Virtualization (SEV) virtual machine, the attacker could potentially extract sensitive information. This vulnerability highlights the risks associated with power monitoring capabilities in virtualized environments.",Amd,"1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors",6.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2023-07-11T19:15:00.000Z,0
CVE-2023-20520,https://securityvulnerability.io/vulnerability/CVE-2023-20520,Improper Access Control in ASP Bootloader Affects AMD Products,"A flaw in the ASP Bootloader's access control settings may allow an attacker to manipulate the return address. This could result in a stack-based buffer overrun, possibly enabling the execution of arbitrary code. Adequate security measures are essential to mitigate the risk associated with this vulnerability.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",9.8,CRITICAL,0.003100000089034438,false,,false,false,false,,,false,false,,2023-05-09T19:15:00.000Z,0
CVE-2021-46756,https://securityvulnerability.io/vulnerability/CVE-2021-46756,Input Validation Flaw in AMD Secure Processor Bootloader,"The AMD Secure Processor bootloader exhibits an insufficient validation of user inputs in the SVC_MAP_USER_STACK. This flaw permits an attacker utilizing a compromised user application (Uapp) or a malicious ABL to issue malformed system calls to the bootloader, potentially leading to a denial of service and compromising the integrity of the system.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics “renoir”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",9.1,CRITICAL,0.001019999966956675,false,,false,false,false,,,false,false,,2023-05-09T19:00:35.599Z,0
CVE-2021-26406,https://securityvulnerability.io/vulnerability/CVE-2021-26406,Insufficient Validation in AMD Secure Encrypted Virtualization Products,"This vulnerability arises from insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in AMD Secure Encrypted Virtualization (SEV) systems. It poses a risk of host crashes that may lead to denial-of-service conditions, affecting the stability and reliability of applications relying on these technologies. Ensuring proper validation of these certificates is essential to mitigate potential disruptions and safeguard system integrity.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 2000 Series Desktop Processors “pinnacle Ridge”,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,2nd Gen Amd Ryzen™ Threadripper™ Processors “colfax”,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors",7.5,HIGH,0.0009699999936856329,false,,false,false,false,,,false,false,,2023-05-09T18:59:29.119Z,0
CVE-2021-26371,https://securityvulnerability.io/vulnerability/CVE-2021-26371,Information Disclosure in AMD Bootloader due to Malicious Applications,"A vulnerability exists in the AMD bootloader, where a compromised or malicious ABL (Application Boot Loader) or UApp (User Application) can exploit the system by sending a SHA256 system call to the bootloader. This improper handling may expose sensitive ASP (Application State Protocol) memory to userspace, potentially allowing unauthorized users to access confidential information stored within the system.",Amd,"Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4,Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 2000 Series Mobile Processors “raven Ridge” Fp5,Ryzen™ 3000 Series Mobile Processor, 2nd Gen Amd Ryzen™ Mobile Processors With Radeon™ Graphics “picasso”,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-05-09T18:59:16.122Z,0
CVE-2021-26356,https://securityvulnerability.io/vulnerability/CVE-2021-26356,TOCTOU Vulnerability in AMD Bootloader Affects SPI ROM Integrity,"A time-of-check to time-of-use (TOCTOU) vulnerability exists in the AMD ASP bootloader. This issue may allow an attacker to manipulate the SPI ROM after reading data into memory, which can lead to potential S3 data corruption and unintended information disclosure.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse” Am4,Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4,3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws,Ryzen™ Threadripper™ Pro Processors “chagall” Ws,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors",7.4,HIGH,0.002520000096410513,false,,false,false,false,,,false,false,,2023-05-09T18:58:48.108Z,0
CVE-2022-27672,https://securityvulnerability.io/vulnerability/CVE-2022-27672,Information Disclosure Vulnerability in AMD Processors with SMT Enabled,"This vulnerability allows certain AMD processors, when Simultaneous Multithreading (SMT) is enabled, to potentially disclose sensitive information. During a mode switch in SMT, instructions may be speculatively executed using a target from a sibling thread. This behavior poses a risk of information leakage, making it critical for users to implement the appropriate mitigations and stay informed about updates from AMD.",Amd,"1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,Athlon™ X4 Processor,Ryzen™ Threadripper™ Pro Processor,2nd Gen Amd Ryzen™ Threadripper™ Processors,3rd Gen Amd Ryzen™ Threadripper™ Processors,7th Generation Amd A-series Apus,Ryzen™ 2000 Series Processors,Ryzen™ 3000 Series Processors,Ryzen™ 4000 Series Processors,Ryzen™ 5000 Series Processors,Athlon™ Mobile Processors",4.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0
CVE-2021-26408,https://securityvulnerability.io/vulnerability/CVE-2021-26408,Insufficient Validation in Elliptic Curve Points in SEV-Legacy Firmware by AMD,"The SEV-legacy firmware from AMD exhibits insufficient validation of elliptic curve points, which can lead to compromised migration processes for SEV-legacy guests. This vulnerability poses potential risks to both the integrity and confidentiality of guest systems, allowing attackers to exploit the flaw and threaten the secure operation of virtualized environments.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™",7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-05-10T19:15:00.000Z,0
CVE-2021-26320,https://securityvulnerability.io/vulnerability/CVE-2021-26320,Insufficient Validation Vulnerability in AMD SEV Firmware,"A vulnerability exists in the AMD SEV Firmware due to insufficient validation of the AMD SEV Signing Key (ASK) during the SEND_START command. This security flaw could allow a local authenticated attacker to execute a denial of service attack against the Platform Security Processor (PSP), potentially impacting system availability and integrity. Users are advised to review security advisories and apply necessary patches to their systems.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-16T19:15:00.000Z,0
CVE-2020-12954,https://securityvulnerability.io/vulnerability/CVE-2020-12954,Chipset Vulnerability in AMD Products,"A vulnerability exists in certain AMD integrated chipsets that could allow attackers to bypass protections on SPI ROM. This can lead to unauthorized modifications of the SPI ROM, potentially compromising the integrity and security of the system. It is crucial for users and organizations relying on affected AMD products to implement the necessary security measures and updates to safeguard their systems.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-16T19:15:00.000Z,0
CVE-2021-26321,https://securityvulnerability.io/vulnerability/CVE-2021-26321,Denial of Service Vulnerability in SEV Firmware by AMD,"A vulnerability exists in the SEV Firmware due to insufficient validation of ID commands, which can potentially allow a local authenticated attacker to execute a denial of service against the Platform Security Processor (PSP). This flaw poses risks to system availability and could affect the overall integrity of the platform.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-16T19:15:00.000Z,0
CVE-2021-26331,https://securityvulnerability.io/vulnerability/CVE-2021-26331,Arbitrary Code Execution Vulnerability in AMD System Management Unit,"The AMD System Management Unit (SMU) has a flaw that might allow a malicious actor to interfere with mailbox entries, potentially leading to unauthorized arbitrary code execution. This vulnerability poses significant security risks as it can be exploited to gain control of affected systems. It is crucial for users and organizations utilizing AMD products to remain vigilant and apply necessary updates.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-16T19:15:00.000Z,0
CVE-2021-26330,https://securityvulnerability.io/vulnerability/CVE-2021-26330,Heap Overflow Vulnerability in AMD System Management Unit,"The AMD System Management Unit (SMU) has a vulnerability that can lead to a heap-based overflow. This issue may potentially result in resource loss, impacting the stability and functionality of affected systems. It is essential for users of AMD products to apply any available security updates to mitigate the risks associated with this vulnerability.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-16T19:15:00.000Z,0
CVE-2021-26322,https://securityvulnerability.io/vulnerability/CVE-2021-26322,Security Flaw in AMD's Platform Private Key Management,"A security vulnerability in AMD's Platform Private Key Management could expose the persistent private key due to inadequate protection by a non-random initialization vector (IV). This flaw may allow attackers to perform a two time pad attack, potentially compromising the confidentiality of sensitive data. It is essential for users of this product to be aware of this issue and apply the necessary security measures outlined in the vendor's advisory.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2021-11-16T18:15:00.000Z,0
CVE-2021-26329,https://securityvulnerability.io/vulnerability/CVE-2021-26329,Integer Overflow Vulnerability in AMD System Management Unit,"The AMD System Management Unit (SMU) is susceptible to an integer overflow error when an invalid length is supplied. This flaw may lead to resource exhaustion, posing potential risks to system stability and security. It underscores the importance of validating input parameters to prevent such vulnerabilities from being exploited.",Amd,"1st Gen Amd Epyc™,2nd Gen Amd Epyc™,3rd Gen Amd Epyc™",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-16T18:15:00.000Z,0