Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of reso...

Affected Products : athlon_gold_3150u_firmware athlon_silver_3050u_firmware ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5300g_firmware ryzen_3_5300ge_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware +94 more products
EPSS Score: %0.14

Published: Jul. 14, 2022

Modified: Nov. 21, 2024
4.4

MEDIUM

CVE-2021-26382

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting...

Affected Products : ryzen_3_5125c_firmware ryzen_3_5300g_firmware ryzen_3_5300ge_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_5560u_firmware ryzen_5_5600g_firmware ryzen_5_5600ge_firmware ryzen_5_5600h_firmware +60 more products
EPSS Score: %0.12

Published: Jul. 14, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26378

Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +157 more products
EPSS Score: %0.07

Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26376

Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +157 more products
EPSS Score: %0.07

Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26375

Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +157 more products
EPSS Score: %0.06

Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26373

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +165 more products
EPSS Score: %0.07

Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26372

Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +78 more products
EPSS Score: %0.07

Published: May. 11, 2022

Modified: Nov. 21, 2024
7.1

HIGH

CVE-2021-26370

Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and ...

Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +88 more products
EPSS Score: %0.13

Published: May. 10, 2022

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses....

Affected Products : athlon_3050ge_firmware athlon_3150g_firmware athlon_3150ge_firmware ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_2500u_firmware +89 more products
EPSS Score: %0.14

Published: May. 12, 2022

Modified: Nov. 21, 2024
4.9

MEDIUM

CVE-2021-26368

Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service....

Affected Products : ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_2500u_firmware ryzen_5_2600_firmware ryzen_5_2600h_firmware ryzen_5_2600x_firmware +130 more products
EPSS Score: %0.06

Published: May. 12, 2022

Modified: Nov. 21, 2024
7.1

HIGH

CVE-2021-26366

An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity....

Affected Products : athlon_3050ge_firmware athlon_3150g_firmware athlon_3150ge_firmware ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_2500u_firmware +115 more products
EPSS Score: %0.13

Published: May. 12, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26364

Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +78 more products
EPSS Score: %0.08

Published: May. 11, 2022

Modified: Nov. 21, 2024
4.4

MEDIUM

CVE-2021-26363

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure....

Affected Products : ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_5560u_firmware ryzen_5_5600h_firmware ryzen_5_5600hs_firmware ryzen_5_5600u_firmware ryzen_5_5600x_firmware ryzen_5_5625c_firmware +57 more products
EPSS Score: %0.12

Published: May. 12, 2022

Modified: Nov. 21, 2024
7.1

HIGH

CVE-2021-26362

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability....

Affected Products : athlon_3050ge_firmware athlon_3150g_firmware athlon_3150ge_firmware ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_2500u_firmware +61 more products
EPSS Score: %0.13

Published: May. 12, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26361

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure....

Affected Products : athlon_3050ge_firmware athlon_3150g_firmware athlon_3150ge_firmware ryzen_3_2200u_firmware ryzen_3_2300u_firmware ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_2500u_firmware +61 more products
EPSS Score: %0.13

Published: May. 12, 2022

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-26353

Failure to validate inputs in SMM may allow an attacker to create a mishandled error leaving the DRTM UApp in a partially initialized state potentially resulting in loss of memory integrity. ...

Affected Products : epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware epyc_7443p_firmware epyc_7453_firmware +36 more products
EPSS Score: %0.13

Published: May. 10, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service....

Affected Products : ryzen_3_5300g_firmware ryzen_3_5300ge_firmware ryzen_5_2600_firmware ryzen_5_2600x_firmware ryzen_5_2700x_firmware ryzen_5_5600g_firmware ryzen_5_5600ge_firmware ryzen_5_5600x_firmware ryzen_7_5700g_firmware ryzen_7_5700ge_firmware +50 more products
EPSS Score: %0.13

Published: May. 10, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26351

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service....

Affected Products : ryzen_3_5125c_firmware ryzen_3_5400u_firmware ryzen_3_5425c_firmware ryzen_3_5425u_firmware ryzen_5_5560u_firmware ryzen_5_5600h_firmware ryzen_5_5600hs_firmware ryzen_5_5600u_firmware ryzen_5_5600x_firmware ryzen_5_5625c_firmware +88 more products
EPSS Score: %0.13

Published: May. 12, 2022

Modified: Nov. 21, 2024
4.7

MEDIUM

CVE-2021-26350

A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service....

Affected Products : epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware epyc_7542_firmware +78 more products
EPSS Score: %0.05

Published: May. 11, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-26349

Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)....

Affected Products : epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware epyc_7443p_firmware epyc_7453_firmware +36 more products
EPSS Score: %0.07

Published: May. 11, 2022

Modified: Nov. 21, 2024

Showing 20 of 291401 Results

Latest CVE Feed

7.8

4.4

5.5

5.5

5.5

5.5

5.5

7.1

7.8

4.9

7.1

5.5

4.4

7.1

5.5

7.8

5.5

5.5

4.7

5.5

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable