VYPR

Vendor CVEs

Intel

All CVEs

2,130 total · sorted by risk
  • CVE-2024-45067HigMay 14, 2025
    risk 0.53cvss 8.2epss 0.00

    Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-20003HigMay 13, 2025
    risk 0.53cvss 8.2epss 0.00

    Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-38310HigFeb 12, 2025
    risk 0.53cvss 8.2epss 0.00

    Improper access control in some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-43758HigFeb 12, 2025
    risk 0.53cvss 8.2epss 0.00

    Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-31276HigFeb 12, 2025
    risk 0.53cvss 8.2epss 0.00

    Heap-based buffer overflow in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow a…

  • CVE-2024-36282HigNov 13, 2024
    risk 0.53cvss 8.2epss 0.00

    Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-38654HigMay 16, 2024
    risk 0.53cvss 8.2epss 0.00

    Improper input validation for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2018-3643HigSep 12, 2018
    risk 0.53cvss 8.2epss 0.01

    A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker…

  • CVE-2018-12176HigSep 12, 2018
    risk 0.53cvss 8.2epss 0.00

    Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

  • CVE-2018-3682HigJul 10, 2018
    risk 0.53cvss 8.2epss 0.00

    BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

  • CVE-2018-3627HigJul 10, 2018
    risk 0.53cvss 8.2epss 0.01

    Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

  • CVE-2016-8022HigMar 14, 2017
    risk 0.53cvss 7.5epss 0.13

    Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.

  • CVE-2016-5672HigAug 1, 2016
    risk 0.53cvss 8.1epss 0.02

    Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it…

  • CVE-2024-39368HigNov 13, 2024
    risk 0.52cvss 8.0epss 0.00

    Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

  • CVE-2018-3662HigAug 1, 2018
    risk 0.52cvss 8.0epss 0.01

    Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.

  • CVE-2026-20767HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable…

  • CVE-2026-20714HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation…

  • CVE-2025-35998HigFeb 10, 2026
    risk 0.51cvss 7.9epss 0.00

    Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack…

  • CVE-2025-30185HigNov 11, 2025
    risk 0.51cvss 7.9epss 0.00

    Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable data alteration. This result may…

  • CVE-2025-20010HigNov 11, 2025
    risk 0.51cvss 7.8epss 0.00

    Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack…

  • CVE-2025-25273HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-24486HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-24484HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-24303HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-22893HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-22889HigAug 12, 2025
    risk 0.51cvss 7.9epss 0.00

    Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-22836HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-20109HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-20074HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Time-of-check Time-of-use race condition for some Intel(R) Connectivity Performance Suite software installers before version 40.24.11210 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-22843HigMay 13, 2025
    risk 0.51cvss 7.8epss 0.00

    Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-36337HigApr 2, 2025
    risk 0.51cvss 7.9epss 0.00

    Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability.

  • CVE-2024-36336HigApr 2, 2025
    risk 0.51cvss 7.9epss 0.00

    Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability.

  • CVE-2024-39805HigFeb 12, 2025
    risk 0.51cvss 7.8epss 0.00

    Insufficient verification of data authenticity in some Intel(R) DSA software before version 23.4.39 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-32941HigFeb 12, 2025
    risk 0.51cvss 7.9epss 0.00

    NULL pointer dereference for some Intel(R) MLC software before version v3.11b may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2023-49141HigAug 14, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-42667HigAug 14, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-21864HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.5081 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent network access.

  • CVE-2024-21813HigMay 16, 2024
    risk 0.51cvss 7.9epss 0.00

    Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2018-12131HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.

  • CVE-2018-12175HigSep 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.

  • CVE-2018-12168HigSep 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.

  • CVE-2018-12162HigSep 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

  • CVE-2018-12148HigSep 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.

  • CVE-2018-3650HigAug 1, 2018
    risk 0.51cvss 7.8epss 0.00

    Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.

  • CVE-2018-3688HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

  • CVE-2018-3687HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

  • CVE-2018-3684HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

  • CVE-2018-3683HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

  • CVE-2018-3668HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.

  • CVE-2018-3667HigJul 10, 2018
    risk 0.51cvss 7.8epss 0.00

    Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

Page 2 of 43