Skip to main content

Intel

1699 CVEs vendor

Monthly

CVE-2017-13878 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Intel Apple +1
NVD Exploit-DB
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-13875 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE Information Disclosure Intel +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.3%
CVE-2017-5717 HIGH POC This Week

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Graphics Driver
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-3738 MEDIUM PATCH This Month

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5%.

Intel OpenSSL Information Disclosure Debian Linux Node Js
NVD GitHub
CVSS 3.1
5.9
EPSS
15.5%
CVE-2017-5729 HIGH This Week

Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Information Disclosure Dual Band Wireless Ac 3160 Dual Band Wireless Ac 7260 Dual Band Wireless N 7260 +13
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2017-5719 CRITICAL Act Now

A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Deep Learning Training Tool
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-5712 HIGH This Week

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel Manageability Engine Firmware Active Management Technology Firmware +196
NVD
CVSS 3.1
7.2
EPSS
2.5%
CVE-2017-5711 HIGH This Week

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel Manageability Engine Firmware Active Management Technology Firmware +196
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2017-5710 HIGH This Week

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Trusted Execution Engine Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5709 HIGH PATCH This Week

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Server Platform Services Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5708 HIGH This Week

Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Manageability Engine Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5707 HIGH This Week

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel Trusted Execution Engine Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5706 HIGH PATCH This Week

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Intel Server Platform Services Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5705 HIGH This Week

Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel Manageability Engine Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5738 CRITICAL PATCH Act Now

Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Intel Privilege Escalation Information Disclosure Unite
NVD
CVSS 3.0
9.1
EPSS
0.5%
CVE-2017-3736 MEDIUM PATCH This Month

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Intel Amd OpenSSL Information Disclosure
NVD GitHub
CVSS 3.0
6.5
EPSS
8.5%
CVE-2017-5722 HIGH PATCH This Week

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass. Rated high severity (CVSS 7.5). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Intel Privilege Escalation Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.5
EPSS
0.0%
CVE-2017-5721 HIGH PATCH This Week

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via. Rated high severity (CVSS 7.5).

RCE Intel Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.5
EPSS
4.0%
CVE-2017-5701 HIGH PATCH This Week

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Intel Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-5700 HIGH PATCH This Week

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Intel Authentication Bypass Nuc7I7Bnh Firmware Nuc7I5Bnh Firmware Nuc7I5Bnk Firmware +2
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-5698 MEDIUM This Month

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware Manageability Engine Firmware Small Business Technology Firmware
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2015-2291 HIGH POC KEV PATCH THREAT Act Now

Local privilege escalation to SYSTEM in Intel Ethernet diagnostics driver (IQVW32.sys/IQVW64.sys versions before 1.3.1.0) allows authenticated Windows users to execute arbitrary code with kernel privileges via crafted IOCTL calls to device driver interfaces. CISA confirms active exploitation in the wild (KEV-listed). Multiple public proof-of-concept exploits demonstrate exploitability across four IOCTL handlers (0x80862013, 0x8086200B, 0x8086200F, 0x80862007). With 4.99% EPSS probability (90th percentile) and confirmed real-world abuse, this represents a critical risk for systems with Intel network adapters where the diagnostic driver remains installed and unpatched.

Denial Of Service Microsoft Intel RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
5.0%
Threat
6.7
CVE-2017-5695 MEDIUM This Month

Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C,. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Ssd 540S 2 5 Firmware Ssd 540S Series M 2 Firmware Ssd Pro 5400S 2 5 Firmware +4
NVD
CVSS 3.0
4.6
EPSS
0.0%
CVE-2017-5694 MEDIUM This Month

Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Ssd Pro 6000P Firmware
NVD
CVSS 3.0
4.6
EPSS
0.0%
CVE-2017-5691 CRITICAL Act Now

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Nuc7I3Bnk Bios Nuc7I5Bnk Bios Nuc7I7Bnh Bios +19
NVD
CVSS 3.0
9.0
EPSS
0.4%
CVE-2017-7045 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Apple Authentication Bypass Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-7044 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-7036 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-7035 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-7017 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-7014 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-5697 MEDIUM This Month

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Intel Active Management Technology Firmware
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2017-5688 MEDIUM This Month

There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Privilege Escalation Solid State Drive Toolbox
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-2503 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-5689 CRITICAL POC KEV PATCH THREAT Act Now

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Privilege Escalation Intel
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2017-5683 HIGH PATCH This Week

Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Hardware Accelerated Execution Manager
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-5686 LOW Monitor

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc6I3Syh Bios Nuc6I3Syk Bios
NVD
CVSS 3.0
3.9
EPSS
0.1%
CVE-2017-5685 LOW Monitor

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc6I7Kyk Bios
NVD
CVSS 3.0
3.9
EPSS
0.1%
CVE-2017-5684 LOW Monitor

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Stk2Mv64Cc Bios
NVD
CVSS 3.0
3.9
EPSS
0.0%
CVE-2017-2489 MEDIUM POC This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Intel Apple Information Disclosure Mac Os X
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
1.7%
CVE-2017-2443 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.4%
CVE-2016-8032 HIGH PATCH This Week

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Intel Authentication Bypass Anti Malware Scan Engine
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2016-8031 HIGH PATCH This Week

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Intel Privilege Escalation Anti Malware Scan Engine
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2014-9939 CRITICAL PATCH Act Now

ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Intel Binutils
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-3899 MEDIUM This Month

SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel SQLi Advanced Threat Defense
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-8027 CRITICAL Act Now

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Intel SQLi Epolicy Orchestrator
NVD
CVSS 3.0
10.0
EPSS
12.6%
CVE-2016-8026 HIGH This Week

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Security Scan Plus
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8025 MEDIUM POC This Month

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Intel SQLi Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.2
EPSS
1.8%
CVE-2016-8024 HIGH POC This Week

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
9.2%
CVE-2016-8023 HIGH POC THREAT Act Now

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.3%.

Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
11.3%
CVE-2016-8022 HIGH POC This Week

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service RCE Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.6%
CVE-2016-8021 MEDIUM POC This Month

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Intel Jwt Attack Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
2.8%
CVE-2016-8020 HIGH POC This Week

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
2.9%
CVE-2016-8019 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Intel Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.3%
CVE-2016-8018 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel CSRF Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-8017 MEDIUM POC THREAT This Month

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.1
EPSS
14.3%
CVE-2016-8016 LOW POC Monitor

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
3.4
EPSS
9.8%
CVE-2016-8012 HIGH This Week

Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Loss Prevention Endpoint
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8011 MEDIUM PATCH This Month

Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control before 10.2.0.408.10 allows attackers to inject arbitrary web script or HTML via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Intel Endpoint Security Web Control
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-8010 HIGH This Week

Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Application Control Endpoint Security
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8009 HIGH This Week

Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Privilege Escalation Application Control
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8005 MEDIUM This Month

File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Privilege Escalation Email Gateway
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2015-8993 HIGH This Week

Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2015-8992 HIGH This Week

Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2015-8991 HIGH This Week

Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2015-8990 HIGH This Week

Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-8989 HIGH This Week

Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Vulnerability Manager
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2015-8988 HIGH PATCH This Week

Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Intel Command Injection Epo Deep Command
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2015-8987 MEDIUM PATCH This Month

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Intel Authentication Bypass Agent
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2015-8986 MEDIUM This Month

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2014-9921 CRITICAL Act Now

Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Information Disclosure Cloud Analysis And Deconstructive Services
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2014-9920 MEDIUM This Month

Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Microsoft Authentication Bypass Application Control
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2013-7462 HIGH This Week

A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Intel Saas Control Console Platform
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2013-7461 MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control Change Control
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2013-7460 MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control Change Control
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-5681 HIGH PATCH This Week

The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel OpenSSL Information Disclosure Quickassist Technology Engine
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-5682 HIGH This Week

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector,. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Advisor Cryptography For Intel Integrated Performance Primitives Data Analytics Acceleration Library +9
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2016-8105 MEDIUM This Month

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel X710 Series Driver Xl710 Series Driver
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-5925 HIGH POC This Week

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure A64 Athlon Ii 640 X4 E 350 +17
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-7602 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-7582 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Intel Apple +2
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-3902 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Intel Java Epolicy Orchestrator
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-3896 MEDIUM This Month

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Information Disclosure Mcafee Agent
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2016-8106 MEDIUM PATCH This Month

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Intel Denial Of Service Ethernet Controller X710 Firmware Ethernet Controller Xl710 Firmware Ethernet 10Gb 2 Port 562Flr Sfp +25
NVD
CVSS 3.0
5.9
EPSS
2.6%
CVE-2016-8006 MEDIUM This Month

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Authentication Bypass Security Information And Event Management
NVD
CVSS 3.0
4.4
EPSS
0.1%
CVE-2016-5647 HIGH POC PATCH This Week

The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Intel Privilege Escalation Denial Of Service Microsoft Graphics Driver
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8104 MEDIUM PATCH This Month

Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Buffer Overflow Proset Wireless Software And Drivers
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-8103 MEDIUM This Month

SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation City Bios Canyon Bios Swift Canyon Bios +1
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2016-8102 HIGH This Week

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Wireless Bluetooth Drivers
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8224 MEDIUM This Month

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Denial Of Service Lenovo Bios +28
NVD
CVSS 3.0
4.4
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure +3
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE +4
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Graphics Driver
NVD Exploit-DB
EPSS 16% CVSS 5.9
MEDIUM PATCH This Month

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5%.

Intel OpenSSL Information Disclosure +2
NVD GitHub
EPSS 1% CVSS 7.4
HIGH This Week

Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Information Disclosure Dual Band Wireless Ac 3160 +15
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Deep Learning Training Tool
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel +198
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel +198
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Trusted Execution Engine Firmware
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Server Platform Services Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Manageability Engine Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Intel +1
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Intel Privilege Escalation +2
NVD
EPSS 8% CVSS 6.5
MEDIUM PATCH This Month

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Intel Amd OpenSSL +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass. Rated high severity (CVSS 7.5). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Intel Privilege Escalation Nuc7I7Bnh Firmware +4
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via. Rated high severity (CVSS 7.5).

RCE Intel Nuc7I7Bnh Firmware +4
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Intel Nuc7I7Bnh Firmware +4
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Intel Authentication Bypass Nuc7I7Bnh Firmware +4
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Active Management Technology Firmware +2
NVD
EPSS 5% 6.7 CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Local privilege escalation to SYSTEM in Intel Ethernet diagnostics driver (IQVW32.sys/IQVW64.sys versions before 1.3.1.0) allows authenticated Windows users to execute arbitrary code with kernel privileges via crafted IOCTL calls to device driver interfaces. CISA confirms active exploitation in the wild (KEV-listed). Multiple public proof-of-concept exploits demonstrate exploitability across four IOCTL handlers (0x80862013, 0x8086200B, 0x8086200F, 0x80862007). With 4.99% EPSS probability (90th percentile) and confirmed real-world abuse, this represents a critical risk for systems with Intel network adapters where the diagnostic driver remains installed and unpatched.

Denial Of Service Microsoft Intel +1
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM This Month

Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C,. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Ssd 540S 2 5 Firmware +6
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Ssd Pro 6000P Firmware
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Nuc7I3Bnk Bios +21
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Apple Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Apple +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Intel Active Management Technology Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 94% 7.8 CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Privilege Escalation Intel
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Privilege Escalation Hardware Accelerated Execution Manager
NVD
EPSS 0% CVSS 3.9
LOW Monitor

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc6I3Syh Bios +1
NVD
EPSS 0% CVSS 3.9
LOW Monitor

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Nuc6I7Kyk Bios
NVD
EPSS 0% CVSS 3.9
LOW Monitor

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Stk2Mv64Cc Bios
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Intel Apple Information Disclosure +1
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD Exploit-DB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Intel Authentication Bypass Anti Malware Scan Engine
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Intel Privilege Escalation Anti Malware Scan Engine
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Intel Binutils
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel SQLi Advanced Threat Defense
NVD
EPSS 13% CVSS 10.0
CRITICAL Act Now

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Intel SQLi Epolicy Orchestrator
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Security Scan Plus
NVD
EPSS 2% CVSS 6.2
MEDIUM POC This Month

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Intel SQLi Virusscan Enterprise
NVD Exploit-DB
EPSS 9% CVSS 8.1
HIGH POC This Week

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
EPSS 11% CVSS 8.1
HIGH POC THREAT Act Now

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.3%.

Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
EPSS 9% CVSS 7.5
HIGH POC This Week

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service RCE Intel +2
NVD Exploit-DB
EPSS 3% CVSS 5.0
MEDIUM POC This Month

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Intel Jwt Attack +1
NVD Exploit-DB
EPSS 3% CVSS 8.0
HIGH POC This Week

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Intel Code Injection +1
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Intel Virusscan Enterprise
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel CSRF Virusscan Enterprise
NVD Exploit-DB
EPSS 14% CVSS 4.1
MEDIUM POC THREAT This Month

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
EPSS 10% CVSS 3.4
LOW POC Monitor

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Loss Prevention Endpoint
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control before 10.2.0.408.10 allows attackers to inject arbitrary web script or HTML via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Intel Endpoint Security Web Control
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Application Control +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Privilege Escalation +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Privilege Escalation Email Gateway
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Vulnerability Manager
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Intel Command Injection Epo Deep Command
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Intel Authentication Bypass Agent
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Privilege Escalation Information Disclosure +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Microsoft Authentication Bypass +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Intel Saas Control Console Platform
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Intel OpenSSL Information Disclosure +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector,. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Advisor +11
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel X710 Series Driver +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure A64 +19
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE +4
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Intel Java +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Information Disclosure Mcafee Agent
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Intel Denial Of Service Ethernet Controller X710 Firmware +27
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Intel Privilege Escalation Denial Of Service +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation City Bios +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Wireless Bluetooth Drivers
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Denial Of Service +30
NVD
Prev Page 18 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy