Vendor CVEs
Intel
All CVEs
2,130 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5699 | Med | 0.36 | 5.5 | 0.00 | Jan 18, 2018 | Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs. | ||
| CVE-2016-8021 | Med | 0.36 | 5.0 | 0.03 | Mar 14, 2017 | Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | ||
| CVE-2016-8104 | Med | 0.36 | 5.5 | 0.00 | Dec 8, 2016 | Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. | ||
| CVE-2016-8100 | Med | 0.36 | 5.5 | 0.00 | Oct 10, 2016 | Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack. | ||
| CVE-2026-20718 | Med | 0.35 | — | 0.00 | May 12, 2026 | Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack… | ||
| CVE-2025-35969 | Med | 0.35 | — | 0.00 | May 12, 2026 | Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may… | ||
| CVE-2020-26139 | Med | 0.35 | 5.3 | 0.06 | May 11, 2021 | An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against… | ||
| CVE-2018-3658 | Med | 0.35 | 5.3 | 0.03 | Sep 12, 2018 | Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | ||
| CVE-2025-31944 | Med | 0.34 | 5.3 | 0.00 | Feb 10, 2026 | Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access… | ||
| CVE-2025-20077 | Med | 0.34 | 5.3 | 0.00 | Aug 12, 2025 | Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access. | ||
| CVE-2025-20034 | Med | 0.34 | 5.3 | 0.00 | May 13, 2025 | Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the Intel(R) Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2024-43101 | Med | 0.34 | 5.3 | 0.00 | May 13, 2025 | Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2024-28047 | Med | 0.34 | 5.3 | 0.00 | Feb 12, 2025 | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2024-21859 | Med | 0.34 | 5.3 | 0.00 | Feb 12, 2025 | Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2023-48366 | Med | 0.34 | 5.3 | 0.00 | Feb 12, 2025 | Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2024-39285 | Med | 0.34 | 5.3 | 0.00 | Nov 13, 2024 | Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2024-24968 | Med | 0.34 | 5.3 | 0.00 | Sep 16, 2024 | Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. | ||
| CVE-2024-23984 | Med | 0.34 | 5.3 | 0.00 | Sep 16, 2024 | Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2023-43753 | Med | 0.34 | 5.3 | 0.00 | Sep 16, 2024 | Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2023-46049 | Med | 0.34 | 5.3 | 0.01 | Mar 27, 2024 | LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and… | ||
| CVE-2023-43490 | Med | 0.34 | 5.3 | 0.00 | Mar 14, 2024 | Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2018-12160 | Med | 0.34 | 5.3 | 0.00 | Sep 12, 2018 | DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access. | ||
| CVE-2015-8987 | Med | 0.34 | 5.3 | 0.01 | Mar 14, 2017 | Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | ||
| CVE-2025-20076 | Med | 0.33 | 5.0 | 0.00 | May 13, 2025 | Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2025-20012 | Med | 0.32 | 4.9 | 0.00 | May 13, 2025 | Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||
| CVE-2025-35992 | Med | 0.31 | 4.7 | 0.00 | Feb 10, 2026 | Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may… | ||
| CVE-2025-22885 | Med | 0.31 | 4.7 | 0.00 | Feb 10, 2026 | Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access… | ||
| CVE-2025-20611 | Med | 0.31 | 4.7 | 0.00 | May 13, 2025 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2022-28693 | Med | 0.31 | 4.7 | 0.00 | Feb 14, 2025 | Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2024-39779 | Med | 0.31 | 4.7 | 0.00 | Feb 12, 2025 | Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2024-21853 | Med | 0.31 | 4.7 | 0.00 | Nov 13, 2024 | Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access. | ||
| CVE-2024-21783 | Med | 0.31 | 4.8 | 0.00 | Nov 13, 2024 | Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2024-21792 | Med | 0.31 | 4.7 | 0.00 | May 16, 2024 | Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2023-47210 | Med | 0.31 | 4.7 | 0.00 | May 16, 2024 | Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||
| CVE-2023-46103 | Med | 0.31 | 4.7 | 0.00 | May 16, 2024 | Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-43487 | Med | 0.31 | 4.7 | 0.00 | May 16, 2024 | Improper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2024-31852 | Med | 0.31 | 5.9 | 0.01 | Apr 5, 2024 | LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor… | ||
| CVE-2018-12163 | Med | 0.31 | 4.8 | 0.01 | Sep 12, 2018 | A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. | ||
| CVE-2018-3691 | Med | 0.31 | 4.7 | 0.00 | Jun 5, 2018 | Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time. | ||
| CVE-2018-3626 | Med | 0.31 | 4.7 | 0.00 | Mar 20, 2018 | Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | ||
| CVE-2016-8018 | Med | 0.31 | 4.3 | 0.02 | Mar 14, 2017 | Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | ||
| CVE-2025-22446 | Med | 0.30 | 4.6 | 0.00 | May 13, 2025 | Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2018-3619 | Med | 0.30 | 4.6 | 0.00 | Jul 10, 2018 | Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. | ||
| CVE-2017-5695 | Med | 0.30 | 4.6 | 0.00 | Aug 9, 2017 | Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200,… | ||
| CVE-2017-5694 | Med | 0.30 | 4.6 | 0.00 | Aug 9, 2017 | Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors. | ||
| CVE-2016-8017 | Med | 0.30 | 4.1 | 0.07 | Mar 14, 2017 | Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | ||
| CVE-2025-32007 | Med | 0.29 | 4.4 | 0.00 | Feb 10, 2026 | Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local… | ||
| CVE-2025-27725 | Med | 0.29 | 4.4 | 0.00 | Nov 11, 2025 | Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result… | ||
| CVE-2025-24516 | Med | 0.29 | 4.5 | 0.00 | Nov 11, 2025 | Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure.… | ||
| CVE-2025-20056 | Med | 0.29 | 4.4 | 0.00 | Nov 11, 2025 | Improper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data manipulation.… |
- risk 0.36cvss 5.5epss 0.00
Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.
- risk 0.36cvss 5.0epss 0.03
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
- risk 0.36cvss 5.5epss 0.00
Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service.
- risk 0.36cvss 5.5epss 0.00
Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack.
- risk 0.35cvss —epss 0.00
Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack…
- risk 0.35cvss —epss 0.00
Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may…
- risk 0.35cvss 5.3epss 0.06
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against…
- risk 0.35cvss 5.3epss 0.03
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
- risk 0.34cvss 5.3epss 0.00
Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access…
- risk 0.34cvss 5.3epss 0.00
Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access.
- risk 0.34cvss 5.3epss 0.00
Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the Intel(R) Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.34cvss 5.3epss 0.00
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Improper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
- risk 0.34cvss 5.3epss 0.00
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.01
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and…
- risk 0.34cvss 5.3epss 0.00
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
- risk 0.34cvss 5.3epss 0.00
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
- risk 0.34cvss 5.3epss 0.01
Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.
- risk 0.33cvss 5.0epss 0.00
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- risk 0.32cvss 4.9epss 0.00
Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.
- risk 0.31cvss 4.7epss 0.00
Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may…
- risk 0.31cvss 4.7epss 0.00
Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access…
- risk 0.31cvss 4.7epss 0.00
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via local access.
- risk 0.31cvss 4.7epss 0.00
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- risk 0.31cvss 4.7epss 0.00
Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.31cvss 4.7epss 0.00
Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.
- risk 0.31cvss 4.8epss 0.00
Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.31cvss 4.7epss 0.00
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access.
- risk 0.31cvss 4.7epss 0.00
Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- risk 0.31cvss 4.7epss 0.00
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.31cvss 4.7epss 0.00
Improper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.31cvss 5.9epss 0.01
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor…
- risk 0.31cvss 4.8epss 0.01
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.
- risk 0.31cvss 4.7epss 0.00
Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time.
- risk 0.31cvss 4.7epss 0.00
Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information.
- risk 0.31cvss 4.3epss 0.02
Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
- risk 0.30cvss 4.6epss 0.00
Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
- risk 0.30cvss 4.6epss 0.00
Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access.
- risk 0.30cvss 4.6epss 0.00
Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200,…
- risk 0.30cvss 4.6epss 0.00
Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors.
- risk 0.30cvss 4.1epss 0.07
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
- risk 0.29cvss 4.4epss 0.00
Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local…
- risk 0.29cvss 4.4epss 0.00
Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result…
- risk 0.29cvss 4.5epss 0.00
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure.…
- risk 0.29cvss 4.4epss 0.00
Improper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data manipulation.…
Page 10 of 43