VYPR

Vendor CVEs

Intel

All CVEs

2,130 total · sorted by risk
  • CVE-2017-5699MedJan 18, 2018
    risk 0.36cvss 5.5epss 0.00

    Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.

  • CVE-2016-8021MedMar 14, 2017
    risk 0.36cvss 5.0epss 0.03

    Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.

  • CVE-2016-8104MedDec 8, 2016
    risk 0.36cvss 5.5epss 0.00

    Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service.

  • CVE-2016-8100MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack.

  • CVE-2026-20718MedMay 12, 2026
    risk 0.35cvss epss 0.00

    Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack…

  • CVE-2025-35969MedMay 12, 2026
    risk 0.35cvss epss 0.00

    Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may…

  • CVE-2020-26139MedMay 11, 2021
    risk 0.35cvss 5.3epss 0.06

    An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against…

  • CVE-2018-3658MedSep 12, 2018
    risk 0.35cvss 5.3epss 0.03

    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

  • CVE-2025-31944MedFeb 10, 2026
    risk 0.34cvss 5.3epss 0.00

    Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access…

  • CVE-2025-20077MedAug 12, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access.

  • CVE-2025-20034MedMay 13, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the Intel(R) Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-43101MedMay 13, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-28047MedFeb 12, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-21859MedFeb 12, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2023-48366MedFeb 12, 2025
    risk 0.34cvss 5.3epss 0.00

    Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-39285MedNov 13, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-24968MedSep 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.

  • CVE-2024-23984MedSep 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2023-43753MedSep 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2023-46049MedMar 27, 2024
    risk 0.34cvss 5.3epss 0.01

    LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and…

  • CVE-2023-43490MedMar 14, 2024
    risk 0.34cvss 5.3epss 0.00

    Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2018-12160MedSep 12, 2018
    risk 0.34cvss 5.3epss 0.00

    DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

  • CVE-2015-8987MedMar 14, 2017
    risk 0.34cvss 5.3epss 0.01

    Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.

  • CVE-2025-20076MedMay 13, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

  • CVE-2025-20012MedMay 13, 2025
    risk 0.32cvss 4.9epss 0.00

    Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.

  • CVE-2025-35992MedFeb 10, 2026
    risk 0.31cvss 4.7epss 0.00

    Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may…

  • CVE-2025-22885MedFeb 10, 2026
    risk 0.31cvss 4.7epss 0.00

    Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access…

  • CVE-2025-20611MedMay 13, 2025
    risk 0.31cvss 4.7epss 0.00

    Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-28693MedFeb 14, 2025
    risk 0.31cvss 4.7epss 0.00

    Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

  • CVE-2024-39779MedFeb 12, 2025
    risk 0.31cvss 4.7epss 0.00

    Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-21853MedNov 13, 2024
    risk 0.31cvss 4.7epss 0.00

    Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.

  • CVE-2024-21783MedNov 13, 2024
    risk 0.31cvss 4.8epss 0.00

    Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-21792MedMay 16, 2024
    risk 0.31cvss 4.7epss 0.00

    Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2023-47210MedMay 16, 2024
    risk 0.31cvss 4.7epss 0.00

    Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2023-46103MedMay 16, 2024
    risk 0.31cvss 4.7epss 0.00

    Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2023-43487MedMay 16, 2024
    risk 0.31cvss 4.7epss 0.00

    Improper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-31852MedApr 5, 2024
    risk 0.31cvss 5.9epss 0.01

    LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor…

  • CVE-2018-12163MedSep 12, 2018
    risk 0.31cvss 4.8epss 0.01

    A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.

  • CVE-2018-3691MedJun 5, 2018
    risk 0.31cvss 4.7epss 0.00

    Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time.

  • CVE-2018-3626MedMar 20, 2018
    risk 0.31cvss 4.7epss 0.00

    Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information.

  • CVE-2016-8018MedMar 14, 2017
    risk 0.31cvss 4.3epss 0.02

    Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.

  • CVE-2025-22446MedMay 13, 2025
    risk 0.30cvss 4.6epss 0.00

    Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

  • CVE-2018-3619MedJul 10, 2018
    risk 0.30cvss 4.6epss 0.00

    Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access.

  • CVE-2017-5695MedAug 9, 2017
    risk 0.30cvss 4.6epss 0.00

    Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200,…

  • CVE-2017-5694MedAug 9, 2017
    risk 0.30cvss 4.6epss 0.00

    Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors.

  • CVE-2016-8017MedMar 14, 2017
    risk 0.30cvss 4.1epss 0.07

    Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.

  • CVE-2025-32007MedFeb 10, 2026
    risk 0.29cvss 4.4epss 0.00

    Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local…

  • CVE-2025-27725MedNov 11, 2025
    risk 0.29cvss 4.4epss 0.00

    Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result…

  • CVE-2025-24516MedNov 11, 2025
    risk 0.29cvss 4.5epss 0.00

    Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure.…

  • CVE-2025-20056MedNov 11, 2025
    risk 0.29cvss 4.4epss 0.00

    Improper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data manipulation.…

Page 10 of 43