Filtered by vendor Amd
Subscribe
Total
182 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5183 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2020-01-30 | 6.8 MEDIUM | 9.0 CRITICAL |
| An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5146 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2020-01-27 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5124 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2020-01-27 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5147 | 2 Amd, Vmware | 2 Atidxx64, Workstation | 2020-01-27 | 7.8 HIGH | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5098 | 3 Amd, Microsoft, Vmware | 6 Radeon 550, Radeon 550 Firmware, Radeon Rx 550 and 3 more | 2019-12-17 | 5.0 MEDIUM | 8.6 HIGH |
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-5049 | 1 Amd | 6 Radeon 550, Radeon 550 Firmware, Radeon Rx 550 and 3 more | 2019-11-07 | 7.5 HIGH | 10.0 CRITICAL |
| An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2018-8932 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | |||||
| CVE-2018-8934 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | |||||
| CVE-2018-8933 | 1 Amd | 2 Epyc Server, Epyc Server Firmware | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3. | |||||
| CVE-2018-8931 | 1 Amd | 6 Ryzen, Ryzen Firmware, Ryzen Mobile and 3 more | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | |||||
| CVE-2018-8936 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. | |||||
| CVE-2018-8935 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2019-10-02 | 9.3 HIGH | 9.0 CRITICAL |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | |||||
| CVE-2015-7724 | 1 Amd | 1 Fglrx-driver | 2018-10-09 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |||||
| CVE-2015-7723 | 1 Amd | 1 Fglrx-driver | 2018-10-09 | 7.2 HIGH | 7.8 HIGH |
| AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | |||||
| CVE-2008-1615 | 2 Amd, Redhat | 3 Amd64, Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 4.9 MEDIUM | N/A |
| Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | |||||
| CVE-2007-4574 | 3 Amd, Intel, Redhat | 3 Amd64, Ia64, Enterprise Linux | 2017-09-28 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2008-3890 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2017-08-07 | 7.2 HIGH | N/A |
| The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. | |||||
| CVE-2017-7262 | 1 Amd | 1 Ryzen | 2017-03-29 | 4.9 MEDIUM | 5.5 MEDIUM |
| The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. | |||||
| CVE-2017-5925 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2017-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
| CVE-2017-5926 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2017-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||