Skip to main content

Intel

1699 CVEs vendor

Monthly

CVE-2023-48366 MEDIUM This Month

Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Race Condition
NVD VulDB
CVSS 4.0
5.6
EPSS
0.0%
CVE-2023-48267 HIGH This Week

Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Privilege Escalation
NVD VulDB
CVSS 4.0
8.6
EPSS
0.1%
CVE-2023-43758 HIGH PATCH This Week

Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity.

Intel Privilege Escalation Red Hat Suse
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2023-34440 HIGH PATCH This Week

Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7).

Intel Privilege Escalation Red Hat Suse
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2023-32277 MEDIUM This Month

Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure
NVD
CVSS 4.0
4.3
EPSS
0.1%
CVE-2023-31276 HIGH This Week

Heap-based buffer overflow in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Heap Overflow Privilege Escalation
NVD
CVSS 4.0
8.4
EPSS
0.1%
CVE-2023-29164 MEDIUM This Month

Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation
NVD
CVSS 4.0
5.8
EPSS
0.1%
CVE-2025-24122 MEDIUM This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple Intel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-21644 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Intel Linux Denial Of Service Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-37181 LOW Monitor

Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable information disclosure via adjacent. Rated low severity (CVSS 2.1). No vendor patch available.

Information Disclosure Intel
NVD
CVSS 4.0
2.1
EPSS
0.0%
CVE-2024-29980 MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
CVSS 4.0
4.6
EPSS
0.1%
CVE-2024-29979 MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
CVSS 4.0
4.6
EPSS
0.1%
CVE-2024-57880 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array The code uses the initialised member of the asoc_sdw_dailink. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Intel Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-57805 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-53680 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Linux Intel Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-56680 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: do not handle interrupts when device is disabled Some IPU6 devices have shared interrupts. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-56671 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: gpio: graniterapids: Fix vGPIO driver crash Move setting irq_chip.name from probe() function to the initialization of "irq_chip". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-56617 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cacheinfo. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Intel Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-56615 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Intel Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-56614 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Intel Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-56607 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() When I try to manually set bitrates: iw wlan0 set bitrates. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-56541 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(),. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Intel Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-53207 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hci_cmd_sync_dequeue causing the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-2201 MEDIUM This Month

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Intel Linux
NVD GitHub
CVSS 3.1
4.7
EPSS
8.6%
CVE-2024-55976 CRITICAL Act Now

SQL injection in the Critical Site Intel WordPress plugin (mikeleembruggen, versions through 1.0) allows remote unauthenticated attackers to manipulate backend database queries via the critical-site-intel-stats functionality, leading to data disclosure and limited availability impact with scope change to the underlying WordPress database. The vulnerability carries a CVSS 9.3 (Critical) rating and an EPSS score of 29.74% (97th percentile), placing it well above typical baseline exploitation likelihood, though no public exploit identified at time of analysis.

Intel SQLi
NVD
CVSS 3.1
9.3
EPSS
29.7%
CVE-2024-11149 MEDIUM PATCH This Month

In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Information Disclosure Intel Openbsd
NVD
CVSS 4.0
6.2
EPSS
0.1%
CVE-2024-53135 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN,. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-44309 MEDIUM KEV THREAT This Month

A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Apple Intel XSS
NVD VulDB
CVSS 3.1
6.3
EPSS
1.2%
CVE-2024-44308 HIGH KEV THREAT Act Now

Arbitrary code execution in Apple Safari, iOS/iPadOS, macOS Sequoia, and visionOS occurs when processing maliciously crafted web content, with Apple confirming active exploitation on Intel-based Mac systems. The flaw is confirmed actively exploited (CISA KEV) and carries a CVSS 8.8 score requiring only user interaction (visiting a malicious page) to achieve remote code execution. EPSS at 1.55% (81st percentile) is moderate but the KEV listing signals real-world targeted abuse against Apple's WebKit-based browsing stack.

RCE Apple Intel
NVD VulDB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-53088 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-53048 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-41167 HIGH This Week

Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-40885 HIGH This Week

Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Use After Free Memory Corruption Intel Denial Of Service Privilege Escalation
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2024-39811 MEDIUM This Month

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-39766 HIGH This Week

Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.3). No vendor patch available.

Privilege Escalation Ssti Intel
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-39609 HIGH PATCH This Week

Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7).

Authentication Bypass Privilege Escalation Intel Server Board M70Klp2Sb Firmware
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2024-39368 HIGH This Week

Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation SQLi Intel
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-39285 MEDIUM This Month

Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.6). No vendor patch available.

Authentication Bypass Information Disclosure Intel
NVD
CVSS 4.0
5.6
EPSS
0.1%
CVE-2024-38668 MEDIUM PATCH This Month

Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Microsoft Quartus Prime
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-38665 MEDIUM This Month

Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Memory Corruption
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-38660 LOW Monitor

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
2.0
EPSS
0.2%
CVE-2024-38387 MEDIUM This Month

Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-38383 MEDIUM PATCH This Month

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Microsoft Quartus Prime
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-37027 MEDIUM This Month

Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Oneapi Base Toolkit System Bring Up Toolkit Vtune Profiler
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2024-37025 MEDIUM This Month

Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-37024 MEDIUM This Month

Uncontrolled search path for some ACAT software maintained by Intel(R) for Windows before version 3.11.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-36488 MEDIUM This Month

Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel Driver Support Assistant
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-36482 HIGH PATCH This Week

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Privilege Escalation Intel Computing Improvement Program
NVD
CVSS 4.0
7.1
EPSS
0.2%
CVE-2024-36294 MEDIUM This Month

Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Driver Support Assistant
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-36284 MEDIUM This Month

Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-36282 HIGH This Week

Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
7.1
EPSS
0.2%
CVE-2024-36276 MEDIUM PATCH This Month

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Computing Improvement Program
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-36275 MEDIUM This Month

NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
5.8
EPSS
0.2%
CVE-2024-36253 MEDIUM This Month

Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft Server Debug And Provisioning Tool
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-36245 MEDIUM This Month

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Oneapi Base Toolkit System Bring Up Toolkit Vtune Profiler
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-36242 HIGH This Week

Protection mechanism failure in the SPP for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-35245 MEDIUM This Month

Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-35201 MEDIUM This Month

Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft Server Debug And Provisioning Tool
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-34776 LOW Monitor

Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0). No vendor patch available.

Privilege Escalation Buffer Overflow Intel Memory Corruption
NVD
CVSS 4.0
2.0
EPSS
0.1%
CVE-2024-34170 MEDIUM This Month

Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-34167 MEDIUM This Month

Uncontrolled search path for the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-34165 MEDIUM This Month

Uncontrolled search path in some Intel(R) oneAPI DPC++/C++ Compiler before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-34164 MEDIUM This Month

Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-34028 MEDIUM This Month

Uncontrolled search path in some Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-34023 MEDIUM This Month

Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-33624 MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an unauthenticated user to potentially enable denial of service via network access. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Microsoft
NVD
CVSS 4.0
5.3
EPSS
0.3%
CVE-2024-33617 HIGH This Week

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.4%
CVE-2024-33611 MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Microsoft
NVD
CVSS 4.0
4.6
EPSS
0.2%
CVE-2024-32485 LOW Monitor

Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Virtual Raid On Cpu
NVD
CVSS 4.0
2.4
EPSS
0.2%
CVE-2024-32483 HIGH This Week

Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel Endpoint Management Assistant
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2024-32048 MEDIUM This Month

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
6.0
EPSS
0.3%
CVE-2024-32044 MEDIUM This Month

Improper access control for some Intel(R) Arc(TM) Pro Graphics for Windows drivers before version 31.0.101.5319 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Authentication Bypass Privilege Escalation Intel Microsoft
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-31407 MEDIUM This Month

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-31158 HIGH This Week

Improper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-31154 HIGH This Week

Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-31074 HIGH This Week

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.5%
CVE-2024-29085 MEDIUM This Month

Improper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-29083 MEDIUM This Month

Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Python Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-29079 MEDIUM This Month

Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Virtual Raid On Cpu
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-29076 MEDIUM This Month

Uncaught exception for some Intel(R) CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-28952 MEDIUM This Month

Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft Integrated Performance Primitives Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-28950 MEDIUM This Month

Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-28885 HIGH This Week

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.4%
CVE-2024-28881 MEDIUM This Month

Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-28169 MEDIUM This Month

Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via. Rated medium severity (CVSS 4.3). No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
4.3
EPSS
0.1%
CVE-2024-28051 LOW Monitor

Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Buffer Overflow Information Disclosure
NVD
CVSS 4.0
1.0
EPSS
0.2%
CVE-2024-28049 MEDIUM This Month

Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Killer Proset Wireless Wifi
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-28030 LOW Monitor

NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
1.0
EPSS
0.2%
CVE-2024-28028 HIGH This Week

Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
7.7
EPSS
0.3%
CVE-2024-27200 MEDIUM This Month

Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
CVSS 4.0
4.8
EPSS
0.1%
EPSS 0% CVSS 5.6
MEDIUM This Month

Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Race Condition
NVD VulDB
EPSS 0% CVSS 8.6
HIGH This Week

Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Privilege Escalation
NVD VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity.

Intel Privilege Escalation Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7).

Intel Privilege Escalation Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Heap-based buffer overflow in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Privilege Escalation
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Intel Linux +4
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable information disclosure via adjacent. Rated low severity (CVSS 2.1). No vendor patch available.

Information Disclosure Intel
NVD
EPSS 0% CVSS 4.6
MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
EPSS 0% CVSS 4.6
MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array The code uses the initialised member of the asoc_sdw_dailink. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Intel +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Intel +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Linux Intel +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: do not handle interrupts when device is disabled Some IPU6 devices have shared interrupts. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: gpio: graniterapids: Fix vGPIO driver crash Move setting irq_chip.name from probe() function to the initialization of "irq_chip". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cacheinfo. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Intel Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Intel +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Intel +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() When I try to manually set bitrates: iw wlan0 set bitrates. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(),. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hci_cmd_sync_dequeue causing the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux +1
NVD
EPSS 9% CVSS 4.7
MEDIUM This Month

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Intel Linux
NVD GitHub
EPSS 30% CVSS 9.3
CRITICAL Act Now

SQL injection in the Critical Site Intel WordPress plugin (mikeleembruggen, versions through 1.0) allows remote unauthenticated attackers to manipulate backend database queries via the critical-site-intel-stats functionality, leading to data disclosure and limited availability impact with scope change to the underlying WordPress database. The vulnerability carries a CVSS 9.3 (Critical) rating and an EPSS score of 29.74% (97th percentile), placing it well above typical baseline exploitation likelihood, though no public exploit identified at time of analysis.

Intel SQLi
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Information Disclosure Intel Openbsd
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN,. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Intel Linux +1
NVD
EPSS 1% CVSS 6.3
MEDIUM KEV THREAT This Month

A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Apple Intel XSS
NVD VulDB
EPSS 2% CVSS 8.8
HIGH KEV THREAT Act Now

Arbitrary code execution in Apple Safari, iOS/iPadOS, macOS Sequoia, and visionOS occurs when processing maliciously crafted web content, with Apple confirming active exploitation on Intel-based Mac systems. The flaw is confirmed actively exploited (CISA KEV) and carries a CVSS 8.8 score requiring only user interaction (visiting a malicious page) to achieve remote code execution. EPSS at 1.55% (81st percentile) is moderate but the KEV listing signals real-world targeted abuse against Apple's WebKit-based browsing stack.

RCE Apple Intel
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Intel +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Denial Of Service Linux +1
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Use After Free Memory Corruption Intel +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.3). No vendor patch available.

Privilege Escalation Ssti Intel
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7).

Authentication Bypass Privilege Escalation Intel +1
NVD
EPSS 0% CVSS 8.6
HIGH This Week

Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation SQLi Intel
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.6). No vendor patch available.

Authentication Bypass Information Disclosure Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Oneapi Base Toolkit +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some ACAT software maintained by Intel(R) for Windows before version 3.11.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Privilege Escalation Intel Computing Improvement Program
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Driver Support Assistant
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Computing Improvement Program
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Oneapi Base Toolkit +2
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Protection mechanism failure in the SPP for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 2.0). No vendor patch available.

Privilege Escalation Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in some Intel(R) oneAPI DPC++/C++ Compiler before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in some Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an unauthenticated user to potentially enable denial of service via network access. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Microsoft
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Microsoft
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Virtual Raid On Cpu
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper access control for some Intel(R) Arc(TM) Pro Graphics for Windows drivers before version 31.0.101.5319 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Authentication Bypass Privilege Escalation Intel +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Improper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.7). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Improper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Python Intel
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Virtual Raid On Cpu
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Uncaught exception for some Intel(R) CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Microsoft
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via. Rated medium severity (CVSS 4.3). No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 1.0
LOW Monitor

Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Buffer Overflow Information Disclosure
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Denial Of Service Killer +1
NVD
EPSS 0% CVSS 1.0
LOW Monitor

NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access. Rated low severity (CVSS 1.0). No vendor patch available.

Intel Denial Of Service
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 7.7), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
Prev Page 5 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy