|
2061
|
- |
|
-
|
-
|
Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read,…
|
CWE-125
Out-of-bounds Read
|
CVE-2025-66664
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2062
|
- |
|
-
|
-
|
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potent…
|
CWE-459
Incomplete Cleanup
|
CVE-2026-0427
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2063
|
- |
|
-
|
-
|
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS to write invalid data to a remote Die, potentially resulti…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-0428
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2064
|
- |
|
-
|
-
|
An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiali…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-21950
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2065
|
- |
|
-
|
-
|
Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a vict…
|
CWE-284
Improper Access Control
|
CVE-2024-36323
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2066
|
- |
|
-
|
-
|
Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arb…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-36334
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2067
|
- |
|
-
|
-
|
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an atta…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-52532
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2068
|
- |
|
-
|
-
|
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resu…
|
CWE-1189
|
CVE-2025-54518
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2069
|
- |
|
-
|
-
|
Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in lo…
|
CWE-1327
Binding to an Unrestricted IP Address
|
CVE-2026-0481
|
2026-05-15 23:10 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2070
|
6.8 |
MEDIUM
Network
|
pyload-ng_project
|
pyload-ng
|
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates …
|
CWE-295
CWE-306
CWE-863
Improper Certificate Validation
Missing Authentication for Critical Function
Incorrect Authorization
|
CVE-2026-42312
|
2026-05-15 23:09 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
