cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-20533,https://securityvulnerability.io/vulnerability/CVE-2023-20533,Insufficient DRAM Address Validation in AMD System Management Unit,"The vulnerability involves insufficient validation of DRAM addresses within the System Management Unit (SMU) of AMD products. This flaw may enable an attacker to manipulate the system's memory by reading from or writing to unauthorized DRAM addresses, potentially leading to system instability or a denial-of-service condition. For detailed information on the implications and recommended mitigations, please refer to the official AMD security bulletins.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,Amd Epyc™  Embedded 7002,Amd Epyc™  Embedded 7003,Amd Ryzen™  Embedded 5000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003",7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-11-14T19:15:00.000Z,0
CVE-2022-23821,https://securityvulnerability.io/vulnerability/CVE-2022-23821,Improper Access Control Vulnerability in AMD System Management Mode,"This vulnerability involves improper access control within System Management Mode (SMM), which may permit an attacker to write to the Serial Peripheral Interface (SPI) ROM. Exploitation of this vulnerability could potentially lead to arbitrary code execution, posing significant security risks to affected systems. It is crucial for users and administrators of AMD platforms to be aware of this issue and implement necessary security measures to safeguard their environments.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse”,Ryzen™ 5000 Series Desktop Processors “vermeer”,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,Amd Ryzen™  Embedded R1000,Amd Ryzen™  Embedded R2000,Amd Ryzen™  Embedded 5000,Amd Ryzen™  Embedded V1000,Amd Ryzen™  Embedded V2000,Amd Ryzen™  Embedded V3000",9.8,CRITICAL,0.0028200000524520874,false,,false,false,false,,,false,false,,2023-11-14T18:54:32.952Z,0
CVE-2022-23820,https://securityvulnerability.io/vulnerability/CVE-2022-23820,Buffer Validation Flaw in AMD Products,"A buffer validation flaw in AMD's SMM communication buffer poses a security risk by allowing potential attackers to corrupt the SMRAM. This vulnerability enables the possibility of executing arbitrary code, which can lead to unauthorized access and manipulation of the system. To mitigate this risk, users are advised to apply the latest security patches from AMD.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 7003",7.5,HIGH,0.002240000059828162,false,,false,false,false,,,false,false,,2023-11-14T18:52:21.457Z,0
CVE-2021-46774,https://securityvulnerability.io/vulnerability/CVE-2021-46774,Insufficient DRAM Address Validation in AMD System Management Unit,"The vulnerability in the System Management Unit (SMU) manifests as an insufficient validation of DRAM addresses. This flaw allows an attacker to read or write to invalid memory addresses, which could lead to instability and potential denial-of-service conditions. The issue is critical for systems relying on this management component, as it can compromise the security and reliability of the affected products.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,3rd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Ryzen™  Embedded 5000",6.7,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-11-14T18:52:11.012Z,0
CVE-2021-46766,https://securityvulnerability.io/vulnerability/CVE-2021-46766,Improper Data Clearing in ASP Bootloader Affects AMD Products,"The ASP Bootloader from AMD has a vulnerability that arises from improper clearing of sensitive data. This flaw can allow a privileged attacker to access secret keys stored in the ASP SRAM, leading to potential confidentiality compromises. The issue underscores the importance of rigorous data management practices in hardware security to prevent unauthorized data access.",Amd,"Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 9003",2.5,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-11-14T18:51:58.036Z,0
CVE-2023-20594,https://securityvulnerability.io/vulnerability/CVE-2023-20594,Improper Variable Initialization in AMD DXE Driver,"The vulnerability arises from improper variable initialization in the DXE driver, which may enable a privileged user to exploit this flaw and potentially leak sensitive information through local access. Organizations using affected versions of the AMD DXE driver should apply the latest security patch to mitigate the risk of information exposure.",AMD,"Ryzen™ 3000 Series Desktop Processors “Matisse”,Ryzen™ 5000 Series Desktop Processors “Vermeer” ,Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  “Cezanne” ,Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4,Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT,Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3,Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS SP3,Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” ,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”,Ryzen™ 6000 Series Mobile Processors with Radeon™ Graphics ""Rembrandt"",Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics ""Rembrandt-R"",Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics ""Barcelo"",Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R” ,3rd Gen AMD EPYC™ Processors",4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-20T18:15:00.000Z,0
CVE-2023-20597,https://securityvulnerability.io/vulnerability/CVE-2023-20597,Improper Variable Initialization in AMD DXE Driver,"A vulnerability has been identified in the AMD DXE Driver due to improper initialization of variables. This flaw permits a privileged user to exploit local access, potentially allowing them to leak sensitive information. Addressing this issue is critical to maintaining data confidentiality and user trust.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse”,Ryzen™ 5000 Series Desktop Processors “vermeer”,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Ryzen™ Threadripper™ Pro 3000wx Series Processors “chagall” Ws Sp3,Ryzen™ 6000 Series Mobile Processors With Radeon™ Graphics ""rembrandt"",Ryzen™ 7035 Series Mobile Processors With Radeon™ Graphics ""rembrandt-r"",Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics ""barcelo"",Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-20T18:15:00.000Z,0