Intel
Intel Corporation is an American multinational technology company headquartered in Santa Clara, California. It designs, manufactures, and sells computer components such as central processing units (CPUs) and related products for business and consumer markets. Intel was the world's third-largest semiconductor chip manufacturer by revenue in 2024 and has been included in the Fortune 500 list of the largest United States corporations by revenue since 2007. It was one of the first companies listed on Nasdaq.
Products
980- 111 CVEs
- 93 CVEs
- 72 CVEs
- 55 CVEs
- 50 CVEs
- 45 CVEs
- 44 CVEs
- 34 CVEs
- 32 CVEs
- 32 CVEs
- 31 CVEs
- 30 CVEs
- 27 CVEs
- 26 CVEs
- 25 CVEs
- 23 CVEs
- 21 CVEs
- 21 CVEs
- 20 CVEs
- 19 CVEs
- 19 CVEs
- 19 CVEs
- 19 CVEs
- 18 CVEs
- 17 CVEs
- 17 CVEs
- 16 CVEs
- 16 CVEs
- 16 CVEs
- 15 CVEs
- View all 980 products →
Recent CVEs
2,130| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5689 | Cri | 0.86 | 9.8 | 0.92 | KEV | May 2, 2017 | An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged… | |
| CVE-2015-2291 | Hig | 0.72 | 7.8 | 0.09 | KEV | Aug 9, 2017 | (1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c)… | |
| CVE-2024-22476 | Cri | 0.71 | 10.0 | 0.33 | May 16, 2024 | Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access. | ||
| CVE-2016-8027 | Cri | 0.65 | 10.0 | 0.06 | Mar 14, 2017 | SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without… | ||
| CVE-2018-12171 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2018 | Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network. | ||
| CVE-2018-3641 | Cri | 0.64 | 9.8 | 0.01 | Apr 3, 2018 | Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user. | ||
| CVE-2017-5719 | Cri | 0.64 | 9.8 | 0.02 | Nov 21, 2017 | A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. | ||
| CVE-2017-12865 | Cri | 0.64 | 9.8 | 0.06 | Aug 29, 2017 | Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. | ||
| CVE-2018-3679 | Cri | 0.62 | 9.6 | 0.01 | Sep 12, 2018 | Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. | ||
| CVE-2026-20794 | Cri | 0.60 | — | 0.00 | May 12, 2026 | Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local… | ||
| CVE-2017-5738 | Cri | 0.59 | 9.1 | 0.02 | Nov 16, 2017 | Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure. | ||
| CVE-2017-5691 | Cri | 0.59 | 9.0 | 0.01 | Jul 26, 2017 | Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system… | ||
| CVE-2013-4786 | Hig | 0.58 | 7.5 | 0.82 | Jul 8, 2013 | The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. | ||
| CVE-2026-20887 | Hig | 0.57 | — | 0.00 | May 12, 2026 | Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This… | ||
| CVE-2025-35990 | Hig | 0.57 | — | 0.00 | May 12, 2026 | Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack… | ||
| CVE-2024-36324 | Hig | 0.57 | 8.8 | 0.00 | Feb 11, 2026 | Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. | ||
| CVE-2025-24325 | Hig | 0.57 | 8.8 | 0.00 | Aug 12, 2025 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2013-3307 | Hig | 0.57 | 8.3 | 0.06 | Jul 11, 2025 | Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000. | ||
| CVE-2024-36242 | Hig | 0.57 | 8.8 | 0.00 | Nov 13, 2024 | Protection mechanism failure in the SPP for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2024-23918 | Hig | 0.57 | 8.8 | 0.00 | Nov 13, 2024 | Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
- risk 0.86cvss 9.8epss 0.92
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged…
- risk 0.72cvss 7.8epss 0.09
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c)…
- risk 0.71cvss 10.0epss 0.33
Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.
- risk 0.65cvss 10.0epss 0.06
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without…
- risk 0.64cvss 9.8epss 0.02
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
- risk 0.64cvss 9.8epss 0.01
Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.
- risk 0.64cvss 9.8epss 0.02
A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.
- risk 0.64cvss 9.8epss 0.06
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
- risk 0.62cvss 9.6epss 0.01
Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges.
- risk 0.60cvss —epss 0.00
Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local…
- risk 0.59cvss 9.1epss 0.02
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.
- risk 0.59cvss 9.0epss 0.01
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system…
- risk 0.58cvss 7.5epss 0.82
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
- risk 0.57cvss —epss 0.00
Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This…
- risk 0.57cvss —epss 0.00
Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack…
- risk 0.57cvss 8.8epss 0.00
Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.
- risk 0.57cvss 8.8epss 0.00
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.57cvss 8.3epss 0.06
Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000.
- risk 0.57cvss 8.8epss 0.00
Protection mechanism failure in the SPP for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.57cvss 8.8epss 0.00
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.