Vendor CVEs
Intel
All CVEs
2,130 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22850 | 0.00 | — | 0.00 | Mar 10, 2026 | Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may… | |||
| CVE-2025-22444 | 0.00 | — | 0.00 | Mar 10, 2026 | Exposure of resource to wrong sphere in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially… | |||
| CVE-2025-20105 | 0.00 | — | 0.00 | Mar 10, 2026 | Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may… | |||
| CVE-2025-20073 | 0.00 | — | 0.00 | Mar 10, 2026 | Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may… | |||
| CVE-2025-20028 | 0.00 | — | 0.00 | Mar 10, 2026 | Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result… | |||
| CVE-2025-20027 | 0.00 | — | 0.00 | Mar 10, 2026 | Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may… | |||
| CVE-2025-20005 | 0.00 | — | 0.00 | Mar 10, 2026 | Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur… | |||
| CVE-2025-20096 | 0.00 | — | 0.00 | Mar 10, 2026 | Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via… | |||
| CVE-2025-32003 | 0.00 | — | 0.00 | Feb 10, 2026 | Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. Network adversary with an authenticated user combined with a low complexity attack may… | |||
| CVE-2025-27535 | 0.00 | — | 0.00 | Feb 10, 2026 | Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity… | |||
| CVE-2025-27243 | 0.00 | — | 0.00 | Feb 10, 2026 | Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of… | |||
| CVE-2025-24851 | 0.00 | — | 0.00 | Feb 10, 2026 | Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial… | |||
| CVE-2025-71093 | 0.00 | — | 0.00 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround. If the descriptor- reported length is zero or… | |||
| CVE-2025-61258 | 0.00 | — | 0.01 | Dec 9, 2025 | Outsystems Platform Server 11.18.1.37828 allows attackers to cause a denial of service via a crafted content-length value mismatching the body length. NOTE: the Supplier indicates that they are unable to reproduce this. | |||
| CVE-2025-40154 | 0.00 | — | 0.00 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to… | |||
| CVE-2025-33000 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of… | |||
| CVE-2025-32732 | 0.00 | — | 0.00 | Nov 11, 2025 | Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may… | |||
| CVE-2025-32446 | 0.00 | — | 0.00 | Nov 11, 2025 | Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data… | |||
| CVE-2025-32088 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This… | |||
| CVE-2025-31937 | 0.00 | — | 0.00 | Nov 11, 2025 | Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result… | |||
| CVE-2025-30509 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data… | |||
| CVE-2025-27713 | 0.00 | — | 0.00 | Nov 11, 2025 | Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege.… | |||
| CVE-2025-27710 | 0.00 | — | 0.00 | Nov 11, 2025 | Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure.… | |||
| CVE-2025-26694 | 0.00 | — | 0.00 | Nov 11, 2025 | Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This… | |||
| CVE-2025-24863 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data… | |||
| CVE-2025-24862 | 0.00 | — | 0.00 | Nov 11, 2025 | Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack… | |||
| CVE-2025-24847 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data… | |||
| CVE-2025-24838 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable… | |||
| CVE-2025-24834 | 0.00 | — | 0.00 | Nov 11, 2025 | Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable data… | |||
| CVE-2025-24519 | 0.00 | — | 0.00 | Nov 11, 2025 | Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This… | |||
| CVE-2025-24314 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure.… | |||
| CVE-2025-24307 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable… | |||
| CVE-2025-24299 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable… | |||
| CVE-2025-20614 | 0.00 | — | 0.00 | Nov 11, 2025 | External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable… | |||
| CVE-2025-20050 | 0.00 | — | 0.00 | Nov 11, 2025 | Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local… | |||
| CVE-2022-50325 | 0.00 | — | 0.00 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t(). | |||
| CVE-2024-33607 | 0.00 | — | 0.00 | Aug 12, 2025 | Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2025-20090 | 0.00 | — | 0.00 | Aug 12, 2025 | Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2025-48709 | 0.00 | — | 0.00 | Aug 7, 2025 | BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a… | |||
| CVE-2025-20618 | 0.00 | — | 0.00 | May 13, 2025 | Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. | |||
| CVE-2025-20079 | 0.00 | — | 0.00 | May 13, 2025 | Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2025-20062 | 0.00 | — | 0.00 | May 13, 2025 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2025-20046 | 0.00 | — | 0.00 | May 13, 2025 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2025-20039 | 0.00 | — | 0.00 | May 13, 2025 | Race condition for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2025-20032 | 0.00 | — | 0.00 | May 13, 2025 | Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access. | |||
| CVE-2025-20026 | 0.00 | — | 0.00 | May 13, 2025 | Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2025-20006 | 0.00 | — | 0.00 | May 13, 2025 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2022-49584 | 0.00 | — | 0.00 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to… | |||
| CVE-2022-26083 | 0.00 | — | 0.00 | Feb 14, 2025 | Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access. | |||
| CVE-2024-39284 | 0.00 | — | 0.00 | Feb 12, 2025 | Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
- CVE-2025-22850Mar 10, 2026risk 0.00cvss —epss 0.00
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may…
- CVE-2025-22444Mar 10, 2026risk 0.00cvss —epss 0.00
Exposure of resource to wrong sphere in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially…
- CVE-2025-20105Mar 10, 2026risk 0.00cvss —epss 0.00
Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may…
- CVE-2025-20073Mar 10, 2026risk 0.00cvss —epss 0.00
Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may…
- CVE-2025-20028Mar 10, 2026risk 0.00cvss —epss 0.00
Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result…
- CVE-2025-20027Mar 10, 2026risk 0.00cvss —epss 0.00
Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may…
- CVE-2025-20005Mar 10, 2026risk 0.00cvss —epss 0.00
Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur…
- CVE-2025-20096Mar 10, 2026risk 0.00cvss —epss 0.00
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via…
- CVE-2025-32003Feb 10, 2026risk 0.00cvss —epss 0.00
Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. Network adversary with an authenticated user combined with a low complexity attack may…
- CVE-2025-27535Feb 10, 2026risk 0.00cvss —epss 0.00
Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity…
- CVE-2025-27243Feb 10, 2026risk 0.00cvss —epss 0.00
Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of…
- CVE-2025-24851Feb 10, 2026risk 0.00cvss —epss 0.00
Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial…
- CVE-2025-71093Jan 13, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround. If the descriptor- reported length is zero or…
- CVE-2025-61258Dec 9, 2025risk 0.00cvss —epss 0.01
Outsystems Platform Server 11.18.1.37828 allows attackers to cause a denial of service via a crafted content-length value mismatching the body length. NOTE: the Supplier indicates that they are unable to reproduce this.
- CVE-2025-40154Nov 12, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to…
- CVE-2025-33000Nov 11, 2025risk 0.00cvss —epss 0.00
Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of…
- CVE-2025-32732Nov 11, 2025risk 0.00cvss —epss 0.00
Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may…
- CVE-2025-32446Nov 11, 2025risk 0.00cvss —epss 0.00
Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data…
- CVE-2025-32088Nov 11, 2025risk 0.00cvss —epss 0.00
Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This…
- CVE-2025-31937Nov 11, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result…
- CVE-2025-30509Nov 11, 2025risk 0.00cvss —epss 0.00
Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data…
- CVE-2025-27713Nov 11, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege.…
- CVE-2025-27710Nov 11, 2025risk 0.00cvss —epss 0.00
Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure.…
- CVE-2025-26694Nov 11, 2025risk 0.00cvss —epss 0.00
Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This…
- CVE-2025-24863Nov 11, 2025risk 0.00cvss —epss 0.00
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data…
- CVE-2025-24862Nov 11, 2025risk 0.00cvss —epss 0.00
Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack…
- CVE-2025-24847Nov 11, 2025risk 0.00cvss —epss 0.00
Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data…
- CVE-2025-24838Nov 11, 2025risk 0.00cvss —epss 0.00
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable…
- CVE-2025-24834Nov 11, 2025risk 0.00cvss —epss 0.00
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable data…
- CVE-2025-24519Nov 11, 2025risk 0.00cvss —epss 0.00
Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This…
- CVE-2025-24314Nov 11, 2025risk 0.00cvss —epss 0.00
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure.…
- CVE-2025-24307Nov 11, 2025risk 0.00cvss —epss 0.00
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable…
- CVE-2025-24299Nov 11, 2025risk 0.00cvss —epss 0.00
Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable…
- CVE-2025-20614Nov 11, 2025risk 0.00cvss —epss 0.00
External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable…
- CVE-2025-20050Nov 11, 2025risk 0.00cvss —epss 0.00
Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local…
- CVE-2022-50325Sep 15, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t().
- CVE-2024-33607Aug 12, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2025-20090Aug 12, 2025risk 0.00cvss —epss 0.00
Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2025-48709Aug 7, 2025risk 0.00cvss —epss 0.00
BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a…
- CVE-2025-20618May 13, 2025risk 0.00cvss —epss 0.00
Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.
- CVE-2025-20079May 13, 2025risk 0.00cvss —epss 0.00
Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-20062May 13, 2025risk 0.00cvss —epss 0.00
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2025-20046May 13, 2025risk 0.00cvss —epss 0.00
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2025-20039May 13, 2025risk 0.00cvss —epss 0.00
Race condition for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2025-20032May 13, 2025risk 0.00cvss —epss 0.00
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.
- CVE-2025-20026May 13, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2025-20006May 13, 2025risk 0.00cvss —epss 0.00
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2022-49584Feb 26, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to…
- CVE-2022-26083Feb 14, 2025risk 0.00cvss —epss 0.00
Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access.
- CVE-2024-39284Feb 12, 2025risk 0.00cvss —epss 0.00
Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Page 13 of 43