cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-31345,https://securityvulnerability.io/vulnerability/CVE-2023-31345,Improper Input Validation in AMD Products Leading to Potential Code Execution,"An improper input validation issue exists in the System Management Mode (SMM) handler of certain AMD processors. This vulnerability may allow a privileged attacker to manipulate the System Management RAM (SMRAM), which can potentially lead to unauthorized execution of arbitrary code. Attackers exploiting this flaw could gain increased privileges and perform malicious activities, making it crucial for users and organizations to apply the latest security patches and mitigate risks.",Amd,"Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Instinct™ Mi300a,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processor With Radeon™ Graphics,Amd Ryzen™ Threadripper™ Pro 5000wx- Series Desktop Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7040 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7000 Series Mobile Processors,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9004,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000",7.5,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-12T00:15:00.000Z,0
CVE-2023-31343,https://securityvulnerability.io/vulnerability/CVE-2023-31343,Improper Input Validation in SMM Handler on AMD Products,"The vulnerability arises from improper input validation in the System Management Mode (SMM) handler of various AMD processors, which could be exploited by a privileged attacker. If successfully exploited, this flaw allows the attacker to overwrite the System Management RAM (SMRAM), possibly enabling arbitrary code execution. This opens up significant security risks for systems utilizing these AMD products, making it critical to maintain up-to-date firmware and apply recommended security updates promptly.",Amd,"Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Instinct™ Mi300a,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processor With Radeon™ Graphics,Amd Ryzen™ Threadripper™ Pro 5000wx- Series Desktop Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7040 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7000 Series Mobile Processors,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9004,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000",7.5,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-11T22:35:04.110Z,0
CVE-2023-31342,https://securityvulnerability.io/vulnerability/CVE-2023-31342,Improper Input Validation in SMM Handler Affects AMD Products,"A vulnerability exists in the System Management Mode (SMM) handler of certain AMD processors due to improper input validation. This security flaw enables a privileged attacker to overwrite System Management RAM (SMRAM), which may potentially lead to arbitrary code execution. It is essential for users and administrators of affected AMD products to apply security best practices and updates to mitigate this risk.",Amd,"Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Instinct™ Mi300a,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processor With Radeon™ Graphics,Amd Ryzen™ Threadripper™ Pro 5000wx- Series Desktop Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7040 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7000 Series Mobile Processors,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9004,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000",7.5,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-11T22:24:02.153Z,0
CVE-2024-21925,https://securityvulnerability.io/vulnerability/CVE-2024-21925,Improper Input Validation in AmdPspP2CmboxV2 Driver by AMD,"The AmdPspP2CmboxV2 driver from AMD contains an improper input validation issue that could allow a privileged attacker to manipulate system memory. By exploiting this vulnerability, an attacker may overwrite SMRAM, leading to potential arbitrary code execution and compromising system integrity. This flaw underscores the importance of rigorous input validation processes in driver development to ensure system security.",Amd,"Amd Epyc™ 7001 Processors,Amd Epyc™ 7002 Processors,Amd Epyc™ 9004 Processors,Amd Epyc™ 7003 Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processor With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx- Series Desktop Processors,Amd Ryzen™ Threadripper™ Pro 7000 Wx-series Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics,Amd Ryzen™ 7040 Series Processors With Radeon™ Graphics,Amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7000 Series Mobile Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9004,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000,Amd Ryzen™ Embedded 8000",8.2,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-11T20:39:03.746Z,0
CVE-2024-56161,https://securityvulnerability.io/vulnerability/CVE-2024-56161,Improper Signature Verification in AMD CPU Microcode Patch Loader,"A vulnerability exists in the AMD CPU ROM microcode patch loader, where improper signature verification can enable an attacker with local administrator privileges to load malicious microcode. This can compromise the confidentiality and integrity of sensitive information handled by a confidential guest operating within the Secure Encrypted Virtualization-Static Non-Precision (SEV-SNP) framework.",Amd,"Amd Epyc™ 7001 Series,Amd Epyc™ 7002 Series,Amd Epyc™ 7003 Series,Amd Epyc™ 9004 Series",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-03T17:24:01.185Z,974
CVE-2023-20591,https://securityvulnerability.io/vulnerability/CVE-2023-20591,Persistence of Untrusted Platform Configuration Risks Memory Access,"The vulnerability arises from the improper re-initialization of the Input/Output Memory Management Unit (IOMMU) during the Dynamic Root of Trust for Measurement (DRTM) event. This flaw may enable an untrusted platform configuration to persist, which could allow attackers to read or modify hypervisor memory. The repercussions of this vulnerability include potential threats to the confidentiality, integrity, and availability of the affected systems, marking significant concerns for users relying on AMD hypervisor technologies.",Amd,"Amd Epyc™ 7003  Series Processors,Amd Epyc™ 9004 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Epyc™ Embedded 9003 Series Processors",10,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-08-13T16:53:23.681Z,0
CVE-2023-20578,https://securityvulnerability.io/vulnerability/CVE-2023-20578,Attackers Can Modify Communications Buffer for Arbitrary Code Execution,"A vulnerability exists in the AMD BIOS stemming from a Time-of-Check Time-of-Use (TOCTOU) issue. This flaw can be exploited by attackers who have ring0 privileges and access to critical system components such as the BIOS menu or UEFI shell. By leveraging this vulnerability, an attacker could potentially alter the communications buffer, leading to the execution of arbitrary code. This capability raises significant security concerns as it may allow unauthorized access and control over affected systems.",Amd,"Amd Epyc™ 7001 Processors,Amd Epyc™ 7002 Processors,Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9003,Amd Ryzen™ Embedded 7000,Amd Ryzentm Embedded V3000",6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-13T16:52:58.457Z,0
CVE-2023-20518,https://securityvulnerability.io/vulnerability/CVE-2023-20518,Potential Loss of Confidentiality Due to Incomplete BIOS Menu or UEFI Shell Cleanup,"A vulnerability exists in AMD's Advanced Security Platform due to incomplete cleanup processes. This flaw allows a privileged attacker, who has access to the BIOS menu or UEFI shell, to potentially expose the Master Encryption Key (MEK). The risk of memory exfiltration associated with this vulnerability may lead to a significant loss of confidentiality, allowing unauthorized access to sensitive information. Organizations using affected AMD products are urged to review their security measures and apply any available patches to mitigate the risks.",Amd,"Amd Epyc™ 9004 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded 7000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",1.9,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-13T16:52:55.976Z,0
CVE-2021-46746,https://securityvulnerability.io/vulnerability/CVE-2021-46746,Potential Security Vulnerability in TEE Could Lead to Denial of Service,"A vulnerability exists in the ASP Secure OS Trusted Execution Environment (TEE) due to inadequate stack protection mechanisms. This flaw could be exploited by a privileged attacker who has access to AMD signing keys to manipulate the return address, leading to a stack-based buffer overrun. Such an attack may result in a denial of service, compromising the security and functionality of the affected systems. Organizations using AMD's TEE should implement necessary mitigations to protect against potential exploitation.",Amd,"Amd Epyc™ 7001 Processors,Amd Epyc™ 7002 Processors,Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Epyc™ Embedded 3000 Series Processors,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Epyc™ Embedded 9003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded 7000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",5.2,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-13T16:50:51.023Z,0
CVE-2021-26387,https://securityvulnerability.io/vulnerability/CVE-2021-26387,Potential Mapping of DRAM Regions in Protected Areas Could Lead to Loss of Platform Integrity,"An access control vulnerability within the ASP kernel of AMD products can be exploited by an attacker with privileged access. This scenario involves the attacker having access to AMD signing keys and the BIOS menu or UEFI shell. By leveraging this access, the attacker could potentially map DRAM regions in protected areas, which may compromise the integrity of the platform. It highlights a significant concern for users relying on AMD technologies who must ensure proper access controls are enforced to mitigate risks.",Amd,"Amd Epyc™ 7001 Series Processors,Amd Epyc™ 7002 Series Processors,Amd Epyc™ 7003 Series Processors,Amd Epyc™ 9004 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 3000 Series Processors,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Epyc™ Embedded 9003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",3.9,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-13T16:50:22.151Z,0