Skip to main content

Intel

1699 CVEs vendor

Monthly

CVE-2019-11147 HIGH This Week

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Intel Sa 00125 Detection Tool Sa 00086 Detection Tool Converged Security Management Engine Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11132 HIGH This Week

Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Intel Privilege Escalation Active Management Technology Firmware
NVD
CVSS 3.1
8.4
EPSS
1.3%
CVE-2019-11131 CRITICAL Act Now

Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-11110 MEDIUM This Month

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-11109 MEDIUM This Month

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Platform Services Firmware Big Ip B2250 Firmware Big Ip B4300 Firmware +31
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11108 MEDIUM This Month

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-11107 CRITICAL Act Now

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-11106 MEDIUM This Month

Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-11105 MEDIUM This Month

Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure Converged Security Management Engine Firmware
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-11104 HIGH This Week

Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11103 HIGH This Week

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11102 MEDIUM This Month

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Dynamic Application Loader Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11101 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11100 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2019-11097 HIGH This Week

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel Trusted Execution Engine Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-11090 MEDIUM This Month

Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Intel Information Disclosure Platform Trust Technology Firmware Server Platform Services Firmware +1
NVD
CVSS 3.1
5.9
EPSS
2.3%
CVE-2019-11088 HIGH This Week

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2019-11087 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Converged Security Management Engine Firmware +1
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-11086 MEDIUM This Month

Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2019-0169 HIGH This Week

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Intel Memory Corruption +2
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-0168 MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0166 HIGH This Week

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-0165 MEDIUM This Month

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Converged Security Management Engine Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0131 HIGH This Week

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Active Management Technology Firmware
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2019-14612 MEDIUM PATCH This Month

Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Privilege Escalation Buffer Overflow Intel Memory Corruption Nuc 8 Mainstream Game Kit Firmware +18
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-14611 MEDIUM PATCH This Month

Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Integer Overflow Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware +17
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-14610 HIGH PATCH This Week

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware Nuc8I7Bek Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14609 MEDIUM PATCH This Month

Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware Nuc8I7Bek Firmware +16
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-14608 HIGH PATCH This Week

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Buffer Overflow Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware +17
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14607 MEDIUM This Month

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Xeon Platinum 9282 Firmware +377
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2019-14605 HIGH This Week

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Setup And Configuration Software Platform Discovery Utility
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14604 MEDIUM PATCH This Month

Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Intel Quartus Prime
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14603 HIGH PATCH This Week

Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14568 HIGH PATCH This Week

Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Rapid Storage Technology
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-11165 MEDIUM PATCH This Month

Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel Field Programmable Gate Array Software Development Kit For Opencl
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-11157 MEDIUM This Month

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure Xeon E3 1585 Firmware Xeon E3 1585L Firmware +262
NVD
CVSS 3.1
6.7
EPSS
0.7%
CVE-2019-11096 MEDIUM PATCH This Month

Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Intel Ethernet I218 Adapter Driver
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0159 HIGH PATCH This Week

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Administrative Tools For Intel Network Adapters
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0134 HIGH This Week

Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Dynamic Platform And Thermal Framework
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-19583 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Amd Xen Fedora +2
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-19577 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Privilege Escalation Denial Of Service Intel Amd Xen +1
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2019-19059 MEDIUM PATCH This Month

Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19058 MEDIUM PATCH This Month

A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +2
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19043 MEDIUM PATCH This Month

A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel Linux Kernel Ubuntu Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-14591 MEDIUM This Month

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14590 MEDIUM This Month

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure Graphics Driver Cloud Backup +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14574 MEDIUM This Month

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Information Disclosure Graphics Driver +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-11113 MEDIUM This Month

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure Graphics Driver Cloud Backup +3
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2019-11111 HIGH This Week

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service Intel Graphics Driver +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-11089 MEDIUM This Month

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0184 MEDIUM This Month

Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Intel Core I7 8700B Firmware Intel Core I7 8850H Firmware Core I9 9880H Firmware +125
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0152 MEDIUM This Month

Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Xeon Platinum 8253 Firmware Xeon Platinum 8256 Firmware +128
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-0151 MEDIUM This Month

Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Xeon D 2141I Firmware Xeon D 2177Nt Firmware Xeon D 2161I Firmware Xeon D 2143It Firmware Xeon D 2146Nt Firmware +442
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-0124 HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0123 HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0117 MEDIUM This Month

Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families;. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +159
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2019-11139 MEDIUM This Month

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Debian Linux Leap Xeon 8153 Firmware +56
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2019-11112 HIGH This Week

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Memory Corruption Graphics Driver +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0185 MEDIUM This Month

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families;. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +138
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0155 HIGH This Week

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel Enterprise Linux Server Aus Enterprise Linux Server Eus +352
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-0154 MEDIUM This Month

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Ubuntu Linux Pentium J4205 Firmware Pentium N4200 Firmware +144
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2019-0150 MEDIUM PATCH This Month

Insufficient access control in firmware Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.1
EPSS
0.3%
CVE-2019-0149 MEDIUM PATCH This Month

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0148 MEDIUM PATCH This Month

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0147 MEDIUM PATCH This Month

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0146 MEDIUM PATCH This Month

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0145 HIGH PATCH This Week

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-0144 MEDIUM PATCH This Month

Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2019-0143 MEDIUM PATCH This Month

Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0142 HIGH PATCH This Week

Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2019-0140 HIGH PATCH This Week

Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware +5
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2019-0139 MEDIUM PATCH This Month

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel Information Disclosure Ethernet Controller X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-14566 HIGH This Week

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Microsoft Intel +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-14565 HIGH This Week

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Microsoft Intel +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11182 HIGH This Week

Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Memory Corruption Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11181 HIGH This Week

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11180 HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11179 MEDIUM This Month

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-11178 HIGH This Week

Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2019-11177 HIGH This Week

Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11175 HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11174 MEDIUM This Month

Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2019-11173 HIGH This Week

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-11172 MEDIUM This Month

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2019-11171 CRITICAL Act Now

Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +2
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-11170 HIGH This Week

Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Intel Authentication Bypass +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11168 CRITICAL Act Now

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
9.1
EPSS
1.3%
CVE-2019-11156 HIGH This Week

Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11155 HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-11154 HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Proset Wireless Wifi
NVD
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Intel Sa 00125 Detection Tool +3
NVD
EPSS 1% CVSS 8.4
HIGH This Week

Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Intel Privilege Escalation +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Platform Services Firmware +33
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security Management Engine Firmware
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Dynamic Application Loader +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel +1
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Intel Information Disclosure +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Active Management Technology Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow +4
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Converged Security Management Engine Firmware
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Privilege Escalation Buffer Overflow Intel +20
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Integer Overflow Intel +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc 8 Mainstream Game Kit Firmware +18
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc 8 Mainstream Game Kit Firmware +18
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Buffer Overflow Intel +19
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel +379
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Setup And Configuration Software Platform Discovery Utility
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Quartus Prime
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Rapid Storage Technology
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel +1
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure +264
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Administrative Tools For Intel Network Adapters
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Dynamic Platform And Thermal Framework
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Amd +4
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Privilege Escalation Denial Of Service Intel +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel +3
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Intel +4
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel +3
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure +5
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel +6
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Intel Core I7 8700B Firmware +127
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel +130
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Xeon D 2141I Firmware Xeon D 2177Nt Firmware Xeon D 2161I Firmware +444
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware +145
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware +145
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families;. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 6970Hq Firmware +161
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Debian Linux +58
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel +5
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families;. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 6970Hq Firmware +140
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel +354
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Ubuntu Linux +146
NVD
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Insufficient access control in firmware Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel +8
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Ethernet Controller X710 Tm4 Firmware +6
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel +7
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel +8
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Baseboard Management Controller Firmware
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Baseboard Management Controller Firmware
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Baseboard Management Controller Firmware
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure +1
NVD
Prev Page 15 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy