Skip to main content
CVE-2022-27874 HIGH This Week

Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation Xmm 7560 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2022-26045 HIGH This Week

Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Buffer Overflow Xmm 7560 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2022-35276 MEDIUM PATCH This Month

Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel Authentication Bypass Privilege Escalation Nuc 8 Compute Element Cm8I7Cb Firmware Nuc 8 Compute Element Cm8I3Cb Firmware +3
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-34152 MEDIUM PATCH This Month

Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel Privilege Escalation Nuc Board De3815Tybe Firmware Nuc Kit De3815Tykhe Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-33176 MEDIUM PATCH This Month

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel Privilege Escalation Nuc 11 Performance Kit Nuc11Pahi30Z Firmware Nuc 11 Performance Kit Nuc11Pahi50Z Firmware Nuc 11 Performance Kit Nuc11Pahi70Z Firmware +8
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-32569 MEDIUM PATCH This Month

Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Privilege Escalation Buffer Overflow Nuc M15 Laptop Kit Lapbc510 Firmware Nuc M15 Laptop Kit Lapbc710 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-30542 MEDIUM PATCH This Month

Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel Privilege Escalation S2600Wf Firmware R1000Wf Firmware R2000Wf Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-26006 MEDIUM This Month

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Core I5 7640X Firmware Core I7 3820 Firmware Core I7 3920Xm Firmware +127
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-21794 MEDIUM This Month

Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation Nuc Kit Nuc8I7Hnk Firmware Nuc Kit Nuc8I7Hvk Firmware +3
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-41904 MEDIUM This Month

Element iOS is an iOS Matrix client provided by Element. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Code Injection Element
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-31772 MEDIUM PATCH This Month

IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service Mq
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-3957 MEDIUM PATCH This Month

A vulnerability classified as problematic was found in GPAC. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Gpac
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-28667 MEDIUM This Month

Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Memory Corruption Denial Of Service Buffer Overflow Wi Fi 6E Ax411 Firmware +13
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-26047 MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Killer Wifi Software Proset Wireless Wifi Uefi Wifi Driver +339
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-21198 MEDIUM This Month

Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.4). No vendor patch available.

Intel Privilege Escalation Celeron 1000M Firmware Celeron 1005M Firmware Celeron 1007U Firmware +444
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-41905 MEDIUM PATCH This Month

WsgiDAV is a generic and extendable WebDAV server based on WSGI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Wsgidav
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2022-3950 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Publiccms
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-3949 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Simple Cashiering System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-3942 MEDIUM This Month

A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Sanitization Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-36349 MEDIUM PATCH This Month

Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Nuc Board Nuc5I3Mybe Firmware Nuc Kit Nuc5I3Myhe Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-30691 MEDIUM This Month

Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Google Denial Of Service Support
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29515 MEDIUM This Month

Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29466 MEDIUM This Month

Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-40750 MEDIUM PATCH This Month

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Websphere Application Server
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-36776 MEDIUM PATCH This Month

IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Cloud Pak For Security
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-3943 MEDIUM This Month

A vulnerability was found in ForU CMS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Foru Cms
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-41873 MEDIUM PATCH This Month

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Contiki Ng
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2022-3959 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Drogon
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
1.0%
CVE-2022-36367 MEDIUM This Month

Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Google Privilege Escalation Support
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-27499 MEDIUM PATCH This Month

Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Intel Information Disclosure Sgx Sdk
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2022-25917 MEDIUM PATCH This Month

Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Intel Denial Of Service M50Cyp1Ur204 Firmware M50Cyp1Ur212 Firmware M50Cyp2Ur208 Firmware +1
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-33973 LOW Monitor

Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microsoft Wlan Authentication And Privacy Infrastructure
NVD
CVSS 3.1
3.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy