What is the AMD CNA?
AMD is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 382 CVE records since 2020.
How many CVEs has AMD published?
AMD has published 382 CVE records, including 168 in the last two years.
What is AMD's CVE data quality grade?
RadicalNotion.AI grades AMD's CVE data quality as C, with an overall completeness score of 77.2%. This reflects how consistently its CVE records include vendor (98.4%), product (100%), CVSS (45%), and CWE (65.2%) information.
What products does AMD publish CVEs for?
AMD most frequently publishes CVEs for epyc 7643, epyc 7513, epyc 7543p, epyc 7313p, epyc 7343.
Which vendors does AMD cover?
AMD publishes CVEs across 5 distinct vendors, most often AMD, microsoft, debian, fedoraproject, linux.
Is AMD actively publishing CVEs?
AMD is currently active, based on 168 CVEs in the last two years.
What is the average severity of AMD's CVEs?
The average CVSS base score across AMD's scored CVEs is 5.8.
How many critical CVEs has AMD published?
AMD has published 6 critical-severity CVEs and 136 high-severity CVEs.
Are any of AMD's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of AMD's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in AMD's CVEs?
AMD's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-787 (Out-of-bounds Write), CWE-276 (Incorrect Default Permissions), CWE-1284 (Improper Validation of Specified Quantity in Input).
How does AMD rank among CNAs?
By total CVE volume, AMD ranks #63 of 370 CNAs, and it reports more complete CVE records than 27% of all CNAs.
