Skip to main content
CVE-2020-8767 MEDIUM This Month

Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Quartus Prime
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8698 MEDIUM This Month

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode Clustered Data Ontap Hci Compute Node Bios +14
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-8696 MEDIUM This Month

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode Clustered Data Ontap Hcl Compute Node Bios +4
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8695 MEDIUM This Month

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 8510Y Firmware Core I7 8500Y Firmware Core I5 8310Y Firmware +298
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8694 MEDIUM This Month

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Linux Intel Information Disclosure Core I7 8510Y Firmware Core I7 8500Y Firmware +297
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-0575 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Unite Client for Windows* before version 4.2.13064 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Microsoft Information Disclosure Unite
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-24441 MEDIUM PATCH This Month

Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Google Authentication Bypass Adobe Acrobat Reader
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2020-11123 MEDIUM This Month

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +112
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-17494 MEDIUM PATCH This Month

Untangle Firewall NG before 16.0 uses MD5 for passwords. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Untangle Firewall Ng
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-28247 MEDIUM PATCH This Month

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Lettre
NVD GitHub
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-1999 MEDIUM This Month

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-7333 MEDIUM This Month

Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Endpoint Security
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-8761 MEDIUM This Month

Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-8751 MEDIUM This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Manageability Engine Trusted Execution Technology
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-12311 MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-12310 MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-12309 MEDIUM This Month

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2020-12328 MEDIUM This Month

Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Information Disclosure Thunderbolt Dch Driver
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-12327 MEDIUM This Month

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Information Disclosure Thunderbolt Dch Driver
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-8677 MEDIUM This Month

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Visual Compute Accelerator 2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-12356 MEDIUM This Month

Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure Active Management Technology Firmware Cloud Backup
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2020-9128 MEDIUM This Month

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fusioncompute
NVD
CVSS 3.1
4.4
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy