Skip to main content

Intel

1699 CVEs vendor

Monthly

CVE-2019-0088 HIGH This Week

Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel System Support Utility
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-3705 MEDIUM This Month

Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service System Defense Utility
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-3704 HIGH This Week

Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Parallel Studio Parallel Studio Xe
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-18097 HIGH This Week

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Solid State Drive Toolbox
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-18096 MEDIUM This Month

Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow Quickassist Technology For Linux
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-18093 HIGH This Week

Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Vtune Amplifier
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-12206 MEDIUM This Month

Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow Quickassist Technology For Linux
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-19967 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Intel Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-12155 MEDIUM This Month

Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-9085 MEDIUM This Month

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Lenovo Intel Privilege Escalation IBM Flex System X240 M4 Firmware +25
NVD
CVSS 3.0
4.9
EPSS
0.7%
CVE-2018-3699 MEDIUM This Month

Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Microsoft XSS Raid Web Console 3
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-3698 HIGH This Week

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Ready Mode Technology
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-3697 HIGH This Week

Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Media Server Studio
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-3696 MEDIUM This Month

Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Intel Raid Web Console 3
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-3635 HIGH This Week

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Denial Of Service Rapid Storage Technology
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-3621 MEDIUM This Month

Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Driver Support Assistant
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-12174 HIGH This Week

Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Memory Corruption Buffer Overflow Parallel Studio Xe
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-18883 HIGH PATCH This Week

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Intel Null Pointer Dereference Denial Of Service Xen
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-12154 MEDIUM This Month

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-12193 MEDIUM PATCH This Month

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Quickassist Technology
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2018-12173 HIGH This Week

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Denial Of Service Information Disclosure Intel +14
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2018-12172 MEDIUM This Month

Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure S7200Ap Firmware Hns7200Ap Firmware S7200Apr Firmware +1
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-12161 MEDIUM This Month

Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Raid Web Console
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-12158 MEDIUM PATCH This Month

Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Intel Denial Of Service Information Disclosure Next Unit Of Computing Firmware
NVD
CVSS 3.0
6.0
EPSS
0.3%
CVE-2018-12153 MEDIUM This Month

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-12152 HIGH This Week

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Graphics Driver
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2018-12131 HIGH PATCH This Week

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Intel Privilege Escalation Client Nvme Datacenter Nvme Rapid Storage Technology
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-12169 HIGH This Week

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Intel Core I3 Core I5 Core I7 +29
NVD
CVSS 3.0
7.6
EPSS
0.6%
CVE-2018-3686 MEDIUM PATCH This Month

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Code Injection RCE Intel Sa 00086 Detection Tool
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-3679 CRITICAL Act Now

Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Center Manager
NVD
CVSS 3.0
9.6
EPSS
1.2%
CVE-2018-3669 HIGH This Week

A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino Wireless N and Intel Centrino Advanced N adapters may allow an unauthenticated user to potentially send a malformed L2CAP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Centrino Firmware
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-3659 MEDIUM This Month

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-3658 MEDIUM PATCH This Month

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Denial Of Service Simatic Field Pg M5 Firmware Simatic Ipc427E Firmware Simatic Ipc477E Firmware +11
NVD
CVSS 3.1
5.3
EPSS
3.3%
CVE-2018-3657 MEDIUM PATCH This Month

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel RCE Buffer Overflow Simatic Field Pg M5 Firmware Simatic Ipc427E Firmware +12
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2018-3655 HIGH PATCH This Week

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Intel Information Disclosure Converged Security Management Engine Firmware Server Platform Services Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.0
7.3
EPSS
0.4%
CVE-2018-3643 HIGH PATCH This Week

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Intel RCE Converged Security Management Engine Firmware Server Platform Services Firmware
NVD
CVSS 3.0
8.2
EPSS
0.5%
CVE-2018-3616 MEDIUM PATCH This Month

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Intel Information Disclosure Converged Security Management Engine Firmware Active Management Technology Firmware Manageability Engine Firmware +11
NVD
CVSS 3.1
5.9
EPSS
2.4%
CVE-2018-12176 HIGH This Week

Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Denial Of Service Information Disclosure Intel +3
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2018-12175 HIGH This Week

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Python Distribution For Python
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-12171 CRITICAL Act Now

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE Denial Of Service Bmc Firmware
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2018-12168 HIGH This Week

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Computing Improvement Program
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-12163 MEDIUM This Month

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Iot Developers Kit
NVD
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-12162 HIGH This Week

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Information Disclosure Openvino Toolkit
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-12160 MEDIUM This Month

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Migration Software
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2018-12151 MEDIUM PATCH This Month

Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Buffer Overflow Extreme Tuning Utility
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-12150 MEDIUM PATCH This Month

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Privilege Escalation Buffer Overflow Extreme Tuning Utility
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-12149 MEDIUM PATCH This Month

Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Buffer Overflow Extreme Tuning Utility
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-12148 HIGH This Week

Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Driver Support Assistant
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-15468 MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Intel Xen
NVD
CVSS 3.0
6.0
EPSS
0.3%
CVE-2018-3615 HIGH This Week

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Intel Core I3 Core I5 Core I7 +27
NVD VulDB
CVSS 3.1
7.3
EPSS
1.7%
CVE-2018-3672 HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a system calls. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Intel Smart Sound Technology
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-3671 MEDIUM This Month

Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Saffron Memorybase
NVD
CVSS 3.0
5.7
EPSS
0.4%
CVE-2018-3670 HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Buffer Overflow Intel Smart Sound Technology
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-3666 HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Intel Smart Sound Technology
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-3663 MEDIUM This Month

Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows an authenticated user access to privileged information. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Saffron Memorybase
NVD
CVSS 3.0
5.7
EPSS
0.4%
CVE-2018-3662 HIGH This Week

Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE Saffron Memorybase
NVD
CVSS 3.0
8.0
EPSS
0.7%
CVE-2018-3650 HIGH This Week

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Python Distribution For Python
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-3688 HIGH This Week

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Prime Programmer And Tools
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3687 HIGH This Week

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Ii Programmer And Tools
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3684 HIGH This Week

Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Ii
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3683 HIGH This Week

Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Prime
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3682 HIGH This Week

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Bmc Firmware
NVD
CVSS 3.0
8.2
EPSS
0.3%
CVE-2018-3668 HIGH This Week

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Processor Diagnostic Tool
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3667 HIGH This Week

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE Processor Diagnostic Tool
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3652 HIGH This Week

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Xeon E3 Xeon E3 1220 V5 Xeon E3 1220 V6 +31
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2018-3632 MEDIUM This Month

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Memory Corruption Buffer Overflow Active Management Technology Firmware
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2018-3629 MEDIUM This Month

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow Active Management Technology Firmware
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2018-3628 HIGH This Week

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel RCE Buffer Overflow Active Management Technology Firmware
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2018-3627 HIGH This Week

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Converged Security Management Engine Firmware Element Software Management Node
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2018-3619 MEDIUM This Month

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 Core I5 Core I3 +14
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-3665 MEDIUM This Month

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a. Rated medium severity (CVSS 5.6). No vendor patch available.

Intel Information Disclosure Core I3 Core I5 Core I7 +11
NVD
CVSS 3.1
5.6
EPSS
0.6%
CVE-2018-4141 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Apple Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.9%
CVE-2018-3691 MEDIUM This Month

Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time. Rated medium severity (CVSS 4.7). No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives Cryptography
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2018-3661 MEDIUM This Month

Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow Syscfg Selview
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-3634 MEDIUM This Month

Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Online Connect Access
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2018-3611 MEDIUM This Month

Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-3649 HIGH This Week

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE Dual Band Wireless Ac 3160 Dual Band Wireless Ac 7260 +16
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2018-3612 HIGH This Week

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios Ayaplcel 86A Bnkbl357 86A +15
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-8897 HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux Race Condition Intel +12
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
18.7%
CVE-2018-3624 HIGH This Week

Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows remote attacker to potentially execute arbitrary code via an adjacent network. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.

Intel RCE Buffer Overflow 2G Modem Firmware
NVD
CVSS 3.0
8.3
EPSS
1.3%
CVE-2018-3645 HIGH This Week

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Remote Keyboard Mobile App
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-3641 CRITICAL Act Now

Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Remote Keyboard Mobile App
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-3638 HIGH This Week

Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE Remote Keyboard Mobile App
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3689 MEDIUM This Month

AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Software Guard Extensions
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2018-4132 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-3626 MEDIUM This Month

Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized. Rated medium severity (CVSS 4.7). No vendor patch available.

Intel Microsoft Information Disclosure Sgx Sdk
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2018-3610 MEDIUM This Month

SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status registers potentially allowing information disclosure. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Denial Of Service Buffer Overflow Driver Support Assistant
NVD
CVSS 3.0
6.0
EPSS
0.3%
CVE-2017-7163 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-7155 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13883 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service System Defense Utility
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Parallel Studio +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Solid State Drive Toolbox
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Vtune Amplifier
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Intel Denial Of Service Xen +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Lenovo Intel Privilege Escalation +27
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Microsoft XSS +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Ready Mode Technology
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Media Server Studio
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Denial Of Service +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Driver Support Assistant
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Memory Corruption Buffer Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Intel Null Pointer Dereference Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Quickassist Technology
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Denial Of Service +16
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure S7200Ap Firmware +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Raid Web Console
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Intel Denial Of Service Information Disclosure +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Graphics Driver
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Intel Privilege Escalation Client Nvme +2
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Intel Core I3 +31
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Code Injection RCE Intel +1
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Center Manager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino Wireless N and Intel Centrino Advanced N adapters may allow an unauthenticated user to potentially send a malformed L2CAP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Centrino Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security Management Engine Firmware +1
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel Denial Of Service Simatic Field Pg M5 Firmware +13
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Intel RCE Buffer Overflow +14
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Intel Information Disclosure Converged Security Management Engine Firmware +2
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Intel RCE Converged Security Management Engine Firmware +1
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Intel Information Disclosure Converged Security Management Engine Firmware +13
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Denial Of Service +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Python +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Computing Improvement Program
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Iot Developers Kit
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Migration Software
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Intel Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Buffer Overflow Extreme Tuning Utility
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Driver Support Assistant
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Intel +1
NVD
EPSS 2% CVSS 7.3
HIGH This Week

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Intel Core I3 +29
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a system calls. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Intel Smart Sound Technology
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Saffron Memorybase
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Buffer Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Intel Smart Sound Technology
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows an authenticated user access to privileged information. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Saffron Memorybase
NVD
EPSS 1% CVSS 8.0
HIGH This Week

Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Python +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Prime Programmer And Tools
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Ii Programmer And Tools
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Ii
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Quartus Prime
NVD
EPSS 0% CVSS 8.2
HIGH This Week

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Bmc Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Processor Diagnostic Tool
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE +1
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Xeon E3 +33
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Memory Corruption Buffer Overflow +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Intel RCE Converged Security Management Engine Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 +16
NVD
EPSS 1% CVSS 5.6
MEDIUM This Month

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a. Rated medium severity (CVSS 5.6). No vendor patch available.

Intel Information Disclosure Core I3 +13
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Apple +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time. Rated medium severity (CVSS 4.7). No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives Cryptography
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Online Connect Access
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
EPSS 1% CVSS 7.8
HIGH This Week

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE +18
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios +17
NVD
EPSS 19% CVSS 7.8
HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux +14
NVD GitHub Exploit-DB
EPSS 1% CVSS 8.3
HIGH This Week

Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows remote attacker to potentially execute arbitrary code via an adjacent network. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.

Intel RCE Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Remote Keyboard Mobile App
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Remote Keyboard Mobile App
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation RCE +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Software Guard Extensions
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service +3
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized. Rated medium severity (CVSS 4.7). No vendor patch available.

Intel Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status registers potentially allowing information disclosure. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
Prev Page 17 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy