Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351254 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-36310 | 1 Amd | 15 Epyc 9004 Series Processors, Epyc 9005 Series Processors, Epyc Embedded 9004 Series Processors and 12 more | 2026-04-15 | N/A |
| Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity. | ||||
| CVE-2024-36311 | 1 Amd | 5 Ryzen 5000 Series Desktop Processors, Ryzen 7000 Series Desktop Processors, Ryzen 7040 Series Mobile Processors With Radeon Graphics and 2 more | 2026-04-15 | N/A |
| A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-36316 | 1 Amd | 19 Radeon Pro V520, Radeon Pro V620, Radeon Pro V710 and 16 more | 2026-04-15 | 5.5 Medium |
| The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service | ||||
| CVE-2024-36328 | 2026-04-15 | 7.3 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. | ||||
| CVE-2024-36319 | 1 Amd | 14 Instinct Mi300a, Instinct Mi300x, Instinct Mi308x and 11 more | 2026-04-15 | N/A |
| Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system. | ||||
| CVE-2024-36320 | 1 Amd | 28 Radeon Pro Vii, Radeon Pro W5000 Series, Radeon Pro W6000 Series and 25 more | 2026-04-15 | N/A |
| Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability | ||||
| CVE-2024-36321 | 2026-04-15 | 7.3 High | ||
| Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution. | ||||
| CVE-2024-36324 | 1 Amd | 25 Amd Ryzen™ Ai 300 Series Processors, Radeon Pro V520, Radeon Pro V620 and 22 more | 2026-04-15 | 8.8 High |
| Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. | ||||
| CVE-2024-36331 | 1 Amd | 3 Epyc, Epyc 9004, Epyc Embedded 9004 | 2026-04-15 | 3.2 Low |
| Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. | ||||
| CVE-2024-36336 | 2026-04-15 | 7.9 High | ||
| Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-36337 | 2026-04-15 | 7.9 High | ||
| Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. | ||||
| CVE-2024-36339 | 2026-04-15 | 7.3 High | ||
| A DLL hijacking vulnerability in the AMD Optimizing CPU Libraries could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2024-36342 | 1 Amd | 10 Athlon, Athlon 3000, Instinct Mi210 and 7 more | 2026-04-15 | 8.8 High |
| Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. | ||||
| CVE-2024-36346 | 1 Amd | 2 Instinct Mi300a, Instinct Mi300x | 2026-04-15 | 6 Medium |
| Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition. | ||||
| CVE-2024-36347 | 2026-04-15 | 6.4 Medium | ||
| Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment. | ||||
| CVE-2024-36348 | 2026-04-15 | 3.8 Low | ||
| A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage. | ||||
| CVE-2024-36350 | 2026-04-15 | 5.6 Medium | ||
| A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. | ||||
| CVE-2024-36352 | 1 Amd | 11 Athlon, Athlon 3000, Radeon Instinct Mi25 and 8 more | 2026-04-15 | 8.4 High |
| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service. | ||||
| CVE-2024-36353 | 2026-04-15 | 6.5 Medium | ||
| Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality. | ||||
| CVE-2024-36354 | 1 Amd | 11 Athlon, Athlon 3000, Epyc and 8 more | 2026-04-15 | 7.5 High |
| Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at the SMM level. | ||||