Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Amd Subscribe
Filtered by product Ryzen
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26318 1 Amd 10 Athlon, Athlon Firmware, Athlon Pro and 7 more 2021-10-20 1.9 LOW 4.7 MEDIUM
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information.
CVE-2018-8930 1 Amd 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more 2020-08-24 9.3 HIGH 9.0 CRITICAL
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3.
CVE-2018-8936 1 Amd 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more 2019-10-02 9.3 HIGH 9.0 CRITICAL
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation.
CVE-2018-8932 1 Amd 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more 2019-10-02 9.3 HIGH 9.0 CRITICAL
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.
CVE-2018-8934 1 Amd 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more 2019-10-02 9.3 HIGH 9.0 CRITICAL
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
CVE-2018-8931 1 Amd 6 Ryzen, Ryzen Firmware, Ryzen Mobile and 3 more 2019-10-02 9.3 HIGH 9.0 CRITICAL
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
CVE-2018-8935 1 Amd 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more 2019-10-02 9.3 HIGH 9.0 CRITICAL
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.
CVE-2017-7262 1 Amd 1 Ryzen 2017-03-29 4.9 MEDIUM 5.5 MEDIUM
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite.