Filtered by vendor Intel
Subscribe
Total
1726 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12189 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.
|
|||||
| CVE-2018-12188 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
|
|||||
| CVE-2018-12187 | 1 Intel | 1 Active Management Technology Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.
|
|||||
| CVE-2018-12185 | 1 Intel | 1 Converged Security Management Engine Firmware | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
|
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
|
|||||
| CVE-2018-12177 | 1 Intel | 24 Dual Band Wireless-ac 3160, Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168 and 21 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2018-12176 | 1 Intel | 29 Compute Card Cd1iv128mk, Compute Card Cd1m3128mk, Compute Card Cd1p64gk and 26 more | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
|
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
|
|||||
| CVE-2018-12175 | 1 Intel | 1 Distribution For Python | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
|
|||||
| CVE-2018-12174 | 1 Intel | 1 Parallel Studio Xe | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.
|
|||||
| CVE-2018-12173 | 1 Intel | 28 Compute Module Hns2600bp, Compute Module Hns2600bp Firmware, Compute Module Hns2600bpr and 25 more | 2024-11-21 | 7.2 HIGH | 7.6 HIGH |
|
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
|
|||||
| CVE-2018-12172 | 1 Intel | 8 Hns7200ap, Hns7200ap Firmware, Hns7200apr and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access.
|
|||||
| CVE-2018-12171 | 1 Intel | 31 Bbs2600bpb, Bbs2600bpq, Bbs2600bps and 28 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
|
|||||
| CVE-2018-12169 | 2 Intel, Lenovo | 32 Core I3, Core I5, Core I7 and 29 more | 2024-11-21 | 4.6 MEDIUM | 7.6 HIGH |
|
Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.
|
|||||
| CVE-2018-12168 | 1 Intel | 1 Computing Improvement Program | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
|
|||||
| CVE-2018-12167 | 1 Intel | 2 Optane Ssd Dc P4800x, Optane Ssd Dc P4800x Firmware | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
|
|||||
| CVE-2018-12166 | 1 Intel | 2 Optane Ssd Dc P4800x, Optane Ssd Dc P4800x Firmware | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
|
|||||
| CVE-2018-12163 | 1 Intel | 1 Iot Developers Kit | 2024-11-21 | 6.8 MEDIUM | 4.8 MEDIUM |
|
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.
|
|||||
| CVE-2018-12162 | 1 Intel | 1 Openvino Toolkit | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.
|
|||||
| CVE-2018-12161 | 1 Intel | 1 Raid Web Console | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.
|
|||||
| CVE-2018-12160 | 1 Intel | 1 Data Migration Software | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
|
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
|
|||||
| CVE-2018-12159 | 1 Intel | 1 Proset\/wireless | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access.
|
|||||
| CVE-2018-12158 | 1 Intel | 1 Next Unit Of Computing Firmware | 2024-11-21 | 5.6 MEDIUM | 6.0 MEDIUM |
|
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.
|
|||||
| CVE-2018-12155 | 1 Intel | 1 Integrated Performance Primitives | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.
|
|||||
| CVE-2018-12154 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.
|
|||||
| CVE-2018-12153 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
|
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially crash the host system via local access.
|
|||||
| CVE-2018-12152 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.
|
|||||
| CVE-2018-12151 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access.
|
|||||
| CVE-2018-12150 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.
|
|||||
| CVE-2018-12149 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access.
|
|||||
| CVE-2018-12148 | 1 Intel | 1 Driver \& Support Assistant | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.
|
|||||
| CVE-2018-12147 | 1 Intel | 3 Converged Security Management Engine Firmware, Server Platform Services Firmware, Trusted Execution Engine Firmware | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
|
|||||
| CVE-2018-12131 | 1 Intel | 3 Client Nvme, Datacenter Nvme, Rapid Storage Technology | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
|
|||||
| CVE-2018-12130 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Fill Buffer Data Sampling, Microarchitectural Fill Buffer Data Sampling Firmware | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
|
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
|
|||||
| CVE-2018-12127 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Load Port Data Sampling, Microarchitectural Load Port Data Sampling Firmware | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
|
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
|
|||||
| CVE-2018-12126 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Store Buffer Data Sampling, Microarchitectural Store Buffer Data Sampling Firmware | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
|
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
|
|||||
| CVE-2018-10932 | 1 Intel | 1 Lldptool | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
|
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
|
|||||
| CVE-2017-5754 | 2 Arm, Intel | 209 Cortex-a, Atom C, Atom E and 206 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
|
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
|
|||||
| CVE-2017-5736 | 1 Intel | 1 Software Guard Extensions Platform Software Component | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator.
|
|||||
| CVE-2017-5727 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.
|
|||||
| CVE-2017-5704 | 1 Intel | 3 Core I3, Core I5, Core I7 | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
|
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.
|
|||||
| CVE-2017-5703 | 1 Intel | 308 Atom C2308, Atom C2316, Atom C2338 and 305 more | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
|
Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.
|
|||||