Skip to main content
CVE-2020-8708 HIGH This Week

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8707 HIGH This Week

Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8706 HIGH This Week

Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-12301 HIGH PATCH This Week

Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Wftr Firmware S2600Wf0R Firmware S2600Wfqr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12300 HIGH PATCH This Week

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Memory Corruption S2600Cw2 Firmware S2600Cw2S Firmware +21
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12299 HIGH PATCH This Week

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Stqr Firmware S2600Stbr Firmware S2600Bpsr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-8722 HIGH This Week

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-8721 HIGH This Week

Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-8719 HIGH This Week

Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-0261 HIGH This Week

In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-8687 HIGH PATCH This Week

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Rste Software Raid
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8681 HIGH PATCH This Week

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0559 HIGH PATCH This Week

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Intel Microsoft Ac 3165 Firmware Ac 3168 Firmware +74
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0555 HIGH PATCH This Week

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Ax201 Firmware Ax200 Firmware Ac 9560 Firmware +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0513 HIGH PATCH This Week

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0510 HIGH PATCH This Week

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Privilege Escalation Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8763 HIGH PATCH This Week

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Intel Privilege Escalation Microsoft Realsense D415 Firmware Realsense D435 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8743 HIGH This Week

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Mailbox Interface Driver
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8736 HIGH This Week

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Computing Improvement Program
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8729 HIGH This Week

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8714 HIGH This Week

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8712 HIGH This Week

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-12287 HIGH This Week

Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Distribution Of Openvino Toolkit
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-7304 HIGH This Week

Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label. Rated high severity (CVSS 7.6), this vulnerability is low attack complexity. No vendor patch available.

CSRF Data Loss Prevention
NVD
CVSS 3.1
7.6
EPSS
0.5%
CVE-2020-8688 HIGH PATCH This Week

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Microsoft Raid Web Console 3
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-8680 HIGH PATCH This Week

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0).

Race Condition Privilege Escalation Intel Graphics Drivers
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-0554 HIGH PATCH This Week

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Privilege Escalation Intel Microsoft Ac 3165 Firmware +10
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2020-11733 MEDIUM This Month

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Avalanche Testcenter
NVD GitHub
CVSS 3.1
6.7
EPSS
1.6%
CVE-2020-8684 MEDIUM PATCH This Month

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Acceleration Stack
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8759 MEDIUM PATCH This Month

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Ssd Data Center Tool
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8742 MEDIUM PATCH This Month

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc8I7Behga Firmware Nuc8I7Bekqa Firmware Nuc8I3Behfa Firmware +70
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8733 MEDIUM PATCH This Month

Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8711 MEDIUM This Month

Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8710 MEDIUM This Month

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-13281 MEDIUM This Month

For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-8689 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Inet Wireless Daemon
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-7305 MEDIUM This Month

Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Data Loss Prevention
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-7302 MEDIUM This Month

Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Data Loss Prevention
NVD
CVSS 3.1
6.4
EPSS
0.7%
CVE-2020-8723 MEDIUM This Month

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-8720 MEDIUM This Month

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8683 MEDIUM PATCH This Month

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8682 MEDIUM PATCH This Month

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8679 MEDIUM PATCH This Month

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-0512 MEDIUM PATCH This Month

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8717 MEDIUM This Month

Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8716 MEDIUM This Month

Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8715 MEDIUM This Month

Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-13285 MEDIUM This Month

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Gitlab
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2020-13283 MEDIUM This Month

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Gitlab
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-7307 MEDIUM This Month

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Data Loss Prevention
NVD
CVSS 3.1
5.2
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy