Filtered by vendor Intel
Subscribe
Total
1628 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12126 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Store Buffer Data Sampling, Microarchitectural Store Buffer Data Sampling Firmware | 2023-11-07 | 4.7 MEDIUM | 5.6 MEDIUM |
| Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | |||||
| CVE-2018-12127 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Load Port Data Sampling, Microarchitectural Load Port Data Sampling Firmware | 2023-11-07 | 4.7 MEDIUM | 5.6 MEDIUM |
| Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | |||||
| CVE-2007-5938 | 1 Intel | 2 Pro Wireless 3945abg, Wireless Wifi Link 4965agn | 2023-11-07 | 5.0 MEDIUM | N/A |
| The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization. | |||||
| CVE-2023-32663 | 1 Intel | 1 Realsense Software Development Kit | 2023-08-21 | N/A | 7.8 HIGH |
| Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2018-3657 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | |||||
| CVE-2018-3616 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | |||||
| CVE-2018-3658 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-08-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | |||||
| CVE-2017-5698 | 1 Intel | 3 Active Management Technology Firmware, Manageability Engine Firmware, Small Business Technology Firmware | 2023-08-17 | 4.9 MEDIUM | 4.4 MEDIUM |
| Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges. | |||||
| CVE-2022-29470 | 1 Intel | 1 Dynamic Tuning Technology | 2023-08-17 | N/A | 7.8 HIGH |
| Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33104 | 1 Intel | 1 One Boot Flash Update | 2023-08-08 | N/A | 5.5 MEDIUM |
| Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2021-0187 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2023-08-08 | N/A | 8.2 HIGH |
| Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2022-31476 | 1 Intel | 1 System Usage Report | 2023-08-08 | N/A | 5.5 MEDIUM |
| Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-34854 | 1 Intel | 1 System Usage Report | 2023-08-08 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-34157 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-08-08 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-29514 | 1 Intel | 1 System Usage Report | 2023-08-08 | N/A | 9.8 CRITICAL |
| Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-36369 | 1 Intel | 1 Qatzip | 2023-08-08 | N/A | 7.8 HIGH |
| Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26843 | 1 Intel | 2 Oneapi Dpc\+\+\/c\+\+ Compiler, Oneapi Toolkits | 2023-08-08 | N/A | 9.8 CRITICAL |
| Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-21216 | 1 Intel | 132 Atom C5310, Atom C5310 Firmware, Atom C5315 and 129 more | 2023-08-08 | N/A | 6.8 MEDIUM |
| Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. | |||||
| CVE-2022-29494 | 1 Intel | 58 C621a, C627a, C629a and 55 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access. | |||||
| CVE-2022-36278 | 1 Intel | 1 Battery Life Diagnostic Tool | 2023-08-08 | N/A | 7.8 HIGH |
| Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||