1699
CVEs
55
Critical
698
High
4
KEV
45
PoC
542
Unpatched C/H
27.4%
Patch Rate
0.9%
Avg EPSS
Severity Breakdown
CRITICAL
55
HIGH
698
MEDIUM
886
LOW
55
Monthly CVE Trend
Affected Products (30)
Linux Kernel
130
Mac Os X
56
Active Management Technology Firmware
50
Debian Linux
48
Fedora
40
Graphics Driver
37
Windows
37
Xen
36
Converged Security Management Engine Firmware
30
Server Board S2600St Firmware
26
Core I7 8665U Firmware
26
Core I7 8700K Firmware
25
Core I7 8500Y Firmware
25
Core I7 8650U Firmware
25
Core I7 8700T Firmware
25
Server Board S2600Wf Firmware
25
Core I7 8700 Firmware
25
Core I7 8565U Firmware
24
Core I7 8706G Firmware
24
Server Board S2600Bp Firmware
24
Core I7 8850H Firmware
24
Proset Wireless Wifi
24
Server Board S2600Kp Firmware
24
Core I9 9900K Firmware
23
Server System R1000Wf Firmware
23
Compute Module Hns2600Bp Firmware
23
Core I7 8550U Firmware
23
Core I7 8709G Firmware
23
Core I9 9880H Firmware
23
Server System R2000Wf Firmware
23
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2017-5689 | An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | CRITICAL | 9.8 | 94.2% | 213 |
KEV
PoC
|
| CVE-2012-5958 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 88.6%. | CRITICAL | 10.0 | 88.6% | 174 |
PoC
|
| CVE-2012-0217 | The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 88.0%. | HIGH | 7.2 | 88.0% | 159 |
PoC
No patch
|
| CVE-2012-5959 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.4%. | CRITICAL | 10.0 | 82.4% | 152 |
PoC
|
| CVE-2012-5961 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 72.3%. | CRITICAL | 10.0 | 72.3% | 142 |
PoC
|
| CVE-2012-5963 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 72.3%. | CRITICAL | 10.0 | 72.3% | 142 |
PoC
|
| CVE-2012-5964 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 72.3%. | CRITICAL | 10.0 | 72.3% | 142 |
PoC
|
| CVE-2012-5965 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.7%. | CRITICAL | 10.0 | 71.7% | 142 |
PoC
|
| CVE-2012-5962 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.1%. | CRITICAL | 10.0 | 70.1% | 140 |
PoC
|
| CVE-2012-5960 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 56.0%. | CRITICAL | 10.0 | 56.0% | 126 |
PoC
|
| CVE-2015-2291 | Local privilege escalation to SYSTEM in Intel Ethernet diagnostics driver (IQVW32.sys/IQVW64.sys versions before 1.3.1.0) allows authenticated Windows users to execute arbitrary code with kernel privileges via crafted IOCTL calls to device driver interfaces. CISA confirms active exploitation in the wild (KEV-listed). Multiple public proof-of-concept exploits demonstrate exploitability across four IOCTL handlers (0x80862013, 0x8086200B, 0x8086200F, 0x80862007). With 4.99% EPSS probability (90th percentile) and confirmed real-world abuse, this represents a critical risk for systems with Intel network adapters where the diagnostic driver remains installed and unpatched. | HIGH | 7.8 | 5.0% | 124 |
KEV
PoC
|
| CVE-2024-44308 | Arbitrary code execution in Apple Safari, iOS/iPadOS, macOS Sequoia, and visionOS occurs when processing maliciously crafted web content, with Apple confirming active exploitation on Intel-based Mac systems. The flaw is confirmed actively exploited (CISA KEV) and carries a CVSS 8.8 score requiring only user interaction (visiting a malicious page) to achieve remote code execution. EPSS at 1.55% (81st percentile) is moderate but the KEV listing signals real-world targeted abuse against Apple's WebKit-based browsing stack. | HIGH | 8.8 | 1.5% | 96 |
KEV
No patch
|
| CVE-2024-44309 | A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available. | MEDIUM | 6.3 | 1.2% | 83 |
KEV
No patch
|
| CVE-2024-55976 | SQL injection in the Critical Site Intel WordPress plugin (mikeleembruggen, versions through 1.0) allows remote unauthenticated attackers to manipulate backend database queries via the critical-site-intel-stats functionality, leading to data disclosure and limited availability impact with scope change to the underlying WordPress database. The vulnerability carries a CVSS 9.3 (Critical) rating and an EPSS score of 29.74% (97th percentile), placing it well above typical baseline exploitation likelihood, though no public exploit identified at time of analysis. | CRITICAL | 9.3 | 29.7% | 76 |
No patch
|
| CVE-2018-8897 | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available. | HIGH | 7.8 | 18.7% | 74 |
PoC
|