Skip to main content
CVE-2022-33209 HIGH PATCH This Week

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28858 HIGH PATCH This Week

Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Intel Buffer Overflow Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27493 HIGH PATCH This Week

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28757 HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28696 HIGH PATCH This Week

Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Python Intel Privilege Escalation Distribution For Python
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26844 HIGH This Week

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26374 HIGH This Week

Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-26344 HIGH This Week

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Single Event Api
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25999 HIGH This Week

Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Enpirion Digital Power Configurator Gui
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25966 HIGH This Week

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Edge Insights For Industrial
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25841 HIGH This Week

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Intel Privilege Escalation Datacenter Group Event
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-21812 HIGH This Week

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Hardware Accelerated Execution Manager
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21807 HIGH PATCH This Week

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Vtune Profiler
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21229 HIGH This Week

Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Control Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-21181 HIGH PATCH This Week

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-21148 HIGH This Week

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Edge Insights For Industrial
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-37025 HIGH PATCH This Week

An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Privilege Escalation Security Scan Plus
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30296 HIGH This Week

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Intel Datacenter Group Event
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-21197 HIGH PATCH This Week

Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Denial Of Service Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +6
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-21160 HIGH PATCH This Week

Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Denial Of Service Buffer Overflow Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware +7
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-37422 HIGH PATCH This Week

Payara through 5.2022.2 allows directory traversal without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Payara
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-29549 HIGH This Week

An issue was discovered in Qualys Cloud Agent 4.8.0-49. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cloud Agent For Linux
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2022-32579 HIGH PATCH This Week

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2022-28697 MEDIUM This Month

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Standard Manageability Active Management Technology Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-21172 MEDIUM PATCH This Month

Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Privilege Escalation Intel Buffer Overflow Proset Wi Fi 6E Ax210 Firmware +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-21212 MEDIUM PATCH This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Intel Denial Of Service Wireless Ac 9560 Firmware Wireless Ac 9462 Firmware Wireless Ac 9461 Firmware +6
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-36024 MEDIUM PATCH This Month

py-cord is a an API wrapper for Discord written in Python. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Python Pycord
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-32453 MEDIUM This Month

HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Code Injection Office
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-34345 MEDIUM PATCH This Month

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via physical access. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Intel Privilege Escalation Lapbc510 Firmware Lapbc710 Firmware
NVD
CVSS 3.1
6.2
EPSS
0.3%
CVE-2022-35212 MEDIUM This Month

osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error(). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oscommerce
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-33151 MEDIUM This Month

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-30604 MEDIUM This Month

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-29487 MEDIUM This Month

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-28715 MEDIUM This Month

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-30944 MEDIUM This Month

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Standard Manageability Active Management Technology Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29507 MEDIUM This Month

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Team Blue
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-27500 MEDIUM This Month

Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Intel Privilege Escalation Support
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-26373 MEDIUM This Month

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Debian Linux Core I5 9400F Firmware Xeon D 1649N Firmware Xeon D 1633N Firmware Xeon D 1637 Firmware +489
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-24378 MEDIUM This Month

Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Data Center Manager
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-23403 MEDIUM This Month

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Data Center Manager
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-21793 MEDIUM PATCH This Month

Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel VMware Ixgben I40En
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-21233 MEDIUM This Month

Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Pentium J4205 Firmware Pentium N4200 Firmware Pentium N4200E Firmware +331
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-21152 MEDIUM This Month

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Edge Insights For Industrial
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-21140 MEDIUM PATCH This Month

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Intel Wireless Ac 9560 Firmware Dual Band Wireless Ac 3165 Firmware Dual Band Wireless Ac 3168 Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29550 MEDIUM This Month

An issue was discovered in Qualys Cloud Agent 4.8.0-49. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cloud Agent
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-36023 MEDIUM PATCH This Month

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fabric
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-30693 MEDIUM This Month

Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Office
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-28709 MEDIUM This Month

Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Ethernet Controller E810 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-26074 MEDIUM This Month

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-21240 MEDIUM PATCH This Month

Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Intel Buffer Overflow Proset Wi Fi 6E Ax210 Firmware Wi Fi 6E Ax211 Firmware +1
NVD
CVSS 3.1
4.4
EPSS
0.2%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy