CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

EUVD-2024-55590

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

EUVD-2025-209879

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

CVE-2025-66664

AMD Secure Processor (ASP) TEE SOC Driver is affected by CVE-2025-66664 due to insufficient parameter sanitization, enabling a local attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command and trigger an out-of-bounds read, potentially exposing SOC Driver memory contents or cau...

CVE-2025-0040

CVE-2025-0040 describes an improper access control between JTAG and AXI that could let an attacker with physical access read or overwrite cross-chip debug (XCD) registers, potentially affecting data integrity and confidentiality. The vulnerability affects the AMD ecosystem context referenced in A...

CVE-2025-0040

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

CVE-2025-0040

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

CVE-2025-0040

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

EUVD-2025-209873

Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...

EUVD-2025-209874

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...

CVE-2025-0028

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

CVE-2025-52540

An improper input validation vulnerability within the AMD Platform Management Framework PMF Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation...

CVE-2025-52540

The CVE-2025-52540 entry concerns the AMD Platform Management Framework (PMF) Driver. The issue is an improper input validation that allows a local attacker to perform an Out-of-Bounds write, potentially enabling privilege escalation. According to the referenced AMD security bulletin, this vulner...

EUVD-2025-209866

An improper input validation vulnerability within the AMD Platform Management Framework PMF driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation...

CVE-2025-48519

An improper input validation vulnerability within the AMD Platform Management Framework PMF driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation...

EUVD-2026-30497

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

CVE-2025-48512

CVE-2025-48512 affects the AMD GPIO installation directory where incorrect default permissions could enable local privilege escalation and arbitrary code execution. Root cause: improper default permissions. Impact: local attacker could escalate privileges; CVSS 4.0/7.0 high. Affected: AMD GPIO/in...

EUVD-2024-55585

Improper input validation in the AMD OverDrive AOD System Management Mode SMM module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality...

CVE-2024-36345

CVE-2024-36345 concerns the AMD OverDrive (AOD) System Management Mode (SMM) module. The issue is described as improper input validation in the AOD SMM, enabling a privileged attacker to perform an out-of-bounds read and potentially cause loss of confidentiality. Affected component: AMD OverDrive...