CVE Tools

amd

Hardware FirmwareUScommercial

439

Cumulative CVEs

33

Monthly snapshots

#17

Peak rank

Top products

amd µprof2 amd epyc™ embedded 9004 series processors (formerly codenamed "genoa")1 amd epyc™ embedded 9005 series processors1

Latest CVEs

The 15 most recently published vulnerabilities affecting amd.

CVE-2024-21944Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...5.3Jun 10, 2026
CVE-2026-28237Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability.5.5Jun 9, 2026
CVE-2026-0466Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.5.5Jun 9, 2026
CVE-2026-49121AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE via MessageQueue.recv() Pickle Deserialization8.1Jun 1, 2026
CVE-2025-54518Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially re...7.0May 15, 2026
CVE-2024-36333A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.7.8May 15, 2026
CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5Apr 16, 2026
CVE-2023-20585Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting ...5.3Apr 16, 2026
CVE-2024-21961Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service atta...6.3Feb 12, 2026
CVE-2025-54519A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.7.3Feb 12, 2026
CVE-2025-52533Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.7.7Feb 12, 2026
CVE-2023-31313An unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a privileged attacker to send malformed messages to the system management unit (SMU) potentially resultin...7.2Feb 12, 2026
CVE-2025-52541A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.7.3Feb 11, 2026
CVE-2023-20548A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.7.8Feb 11, 2026
CVE-2023-31324A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they ...7.8Feb 11, 2026