Every CVE whose affected-product data names Amd Radeon Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (52)
CVE-2023-20586 — CVSS 9.8 (critical): A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™…
CVE-2020-12892 — CVSS 7.8 (high): An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.
CVE-2020-12893 — CVSS 7.8 (high): Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.
CVE-2020-12895 — CVSS 7.8 (high): Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or…
CVE-2024-36333 — CVSS 7.8 (high): A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in…
CVE-2020-12903 — CVSS 7.8 (high): Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of…
CVE-2020-12929 — CVSS 7.8 (high): Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to…
CVE-2020-12930 — CVSS 7.8 (high): Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially…
CVE-2020-12931 — CVSS 7.8 (high): Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges…
CVE-2020-12963 — CVSS 7.8 (high): An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the…
CVE-2020-12964 — CVSS 7.8 (high): A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An…
CVE-2020-12980 — CVSS 7.8 (high): An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of…
CVE-2020-12981 — CVSS 7.8 (high): An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially…
CVE-2020-12982 — CVSS 7.8 (high): An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of…
CVE-2020-12983 — CVSS 7.8 (high): An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.
CVE-2020-12985 — CVSS 7.8 (high): An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of…
CVE-2020-12986 — CVSS 7.8 (high): An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the…
CVE-2021-26317 — CVSS 7.8 (high): Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary…
CVE-2021-26360 — CVSS 7.8 (high): An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This…
CVE-2021-26369 — CVSS 7.8 (high): A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in…
CVE-2021-26391 — CVSS 7.8 (high): Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to…
CVE-2021-26392 — CVSS 7.8 (high): Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with…
CVE-2023-20548 — CVSS 7.8 (high): A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting…
CVE-2023-20598 — CVSS 7.8 (high): An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain…
CVE-2023-31324 — CVSS 7.8 (high): A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global…
CVE-2020-12891 — CVSS 7.8 (high): AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL…
CVE-2020-12898 — CVSS 7.8 (high): Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2020-12900 — CVSS 7.8 (high): An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation…
CVE-2020-12902 — CVSS 7.8 (high): Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2023-31320 — CVSS 7.5 (high): Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in…
CVE-2024-21937 — CVSS 7.3 (high): Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially…
CVE-2020-12899 — CVSS 7.1 (high): Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.
CVE-2021-26362 — CVSS 7.1 (high): A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive…
CVE-2021-26366 — CVSS 7.1 (high): An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of…
CVE-2020-12894 — CVSS 7.1 (high): Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.
CVE-2023-20568 — CVSS 6.7 (medium): Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch…
CVE-2023-20567 — CVSS 6.7 (medium): Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch…
CVE-2021-26367 — CVSS 5.7 (medium): A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address…
CVE-2020-12987 — CVSS 5.5 (medium): A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
CVE-2020-12901 — CVSS 5.5 (medium): Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.
CVE-2020-12904 — CVSS 5.5 (medium): Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.
CVE-2020-12905 — CVSS 5.5 (medium): Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.
CVE-2020-12920 — CVSS 5.5 (medium): A potential denial of service issue exists in the AMD Display driver Escape 0x130007 Call handler. An attacker with low privilege could…
CVE-2021-26361 — CVSS 5.5 (medium): A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory…
CVE-2020-12960 — CVSS 5.5 (medium): AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of…
CVE-2021-26393 — CVSS 5.5 (medium): Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with…
CVE-2021-46748 — CVSS 5.5 (medium): Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is…
CVE-2023-20510 — CVSS 4.7 (medium): An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially…
CVE-2021-26363 — CVSS 4.4 (medium): A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the…
CVE-2023-31307 — CVSS 2.3 (low): Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory…