Shodan
Vulnerabilities
Vulnerable Software
Amd:  Security Vulnerabilities
CVE-2024-21946
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-11-12
CVE-2024-21949
Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash.
CVSS Score
5.5
EPSS Score
0.002
Published
2024-11-12
CVE-2024-21937
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVSS Score
7.3
EPSS Score
0.003
Published
2024-11-12
CVE-2023-31341
Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-of-bounds write, potentially causing a Windows® OS crash, resulting in denial of service.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-08-13
CVE-2023-31348
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-08-13
CVE-2023-31349
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-08-13
CVE-2023-31366
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.
CVSS Score
3.3
EPSS Score
0.002
Published
2024-08-13
CVE-2023-31307
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
CVSS Score
2.3
EPSS Score
0.002
Published
2024-08-13
CVE-2023-31339
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-08-13
CVE-2023-20578
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-08-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved