Skip to main content

Amd

Vendor security scorecard – 459 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 979
459
CVEs
18
Critical
151
High
1
KEV
18
PoC
89
Unpatched C/H
67.8%
Patch Rate
0.6%
Avg EPSS

Severity Breakdown

CRITICAL
18
HIGH
151
MEDIUM
278
LOW
6

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2021-22986 On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.8 99.9% 84
KEV PoC No patch
CVE-2020-6100 An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.9 2.1% 70
PoC No patch
CVE-2020-6101 An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.9 2.8% 70
PoC No patch
CVE-2020-6102 An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.9 2.8% 70
PoC No patch
CVE-2020-6103 An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.9 2.8% 70
PoC No patch
CVE-2018-6546 plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.8 18.1% 69
PoC No patch
CVE-2020-12138 AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. HIGH 8.8 3.3% 64
PoC No patch
CVE-2021-3653 A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available. HIGH 8.8 0.4% 64
PoC
CVE-2019-5098 An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. HIGH 8.6 2.0% 63
PoC No patch
CVE-2015-7723 AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. HIGH 7.8 0.0% 59
PoC No patch
CVE-2015-7724 AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. HIGH 7.8 0.0% 59
PoC No patch
CVE-2020-8950 The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. HIGH 7.8 1.0% 59
PoC No patch
CVE-2023-1048 A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available. HIGH 7.8 0.6% 59
PoC No patch
CVE-2017-5926 Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. HIGH 7.5 0.4% 58
PoC No patch
CVE-2021-29657 arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. Public exploit code available. HIGH 7.4 0.4% 57
PoC

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy