Vendor CVEs
Intel
All CVEs
2,130 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-33077 | 0.00 | — | 0.00 | May 12, 2022 | Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||
| CVE-2021-33078 | 0.00 | — | 0.00 | May 12, 2022 | Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access. | |||
| CVE-2021-0126 | 0.00 | — | 0.00 | May 12, 2022 | Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||
| CVE-2022-21237 | 0.00 | — | 0.00 | May 12, 2022 | Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-24297 | 0.00 | — | 0.00 | May 12, 2022 | Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-26258 | 0.00 | — | 0.01 | May 12, 2022 | Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-24382 | 0.00 | — | 0.00 | May 12, 2022 | Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-22139 | 0.00 | — | 0.00 | May 12, 2022 | Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21128 | 0.00 | — | 0.00 | May 12, 2022 | Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-0194 | 0.00 | — | 0.01 | May 12, 2022 | Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | |||
| CVE-2021-0193 | 0.00 | — | 0.01 | May 12, 2022 | Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. | |||
| CVE-2021-33108 | 0.00 | — | 0.00 | May 12, 2022 | Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-33135 | 0.00 | — | 0.00 | May 12, 2022 | Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2022-21136 | 0.00 | — | 0.00 | May 12, 2022 | Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. | |||
| CVE-2022-21131 | 0.00 | — | 0.00 | May 12, 2022 | Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2021-33130 | 0.00 | — | 0.00 | May 12, 2022 | Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||
| CVE-2021-26400 | 0.00 | — | 0.00 | May 11, 2022 | AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | |||
| CVE-2021-20257 | 0.00 | — | 0.00 | Mar 16, 2022 | An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host,… | |||
| CVE-2021-33150 | 0.00 | — | 0.00 | Mar 11, 2022 | Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||
| CVE-2022-0002 | 0.00 | — | 0.00 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||
| CVE-2022-0001 | 0.00 | — | 0.01 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||
| CVE-2022-23958 | 0.00 | — | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||
| CVE-2022-23955 | 0.00 | — | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||
| CVE-2022-23953 | 0.00 | — | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||
| CVE-2022-21220 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21205 | 0.00 | — | 0.01 | Feb 9, 2022 | Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||
| CVE-2022-21218 | 0.00 | — | 0.00 | Feb 9, 2022 | Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2022-21226 | 0.00 | — | 0.00 | Feb 9, 2022 | Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2022-21203 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21157 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2022-21204 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21156 | 0.00 | — | 0.00 | Feb 9, 2022 | Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-44454 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21174 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-21153 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2022-21133 | 0.00 | — | 0.00 | Feb 9, 2022 | Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-33155 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-33166 | 0.00 | — | 0.00 | Feb 9, 2022 | Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2021-33129 | 0.00 | — | 0.00 | Feb 9, 2022 | Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-33139 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-33137 | 0.00 | — | 0.00 | Feb 9, 2022 | Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2021-33120 | 0.00 | — | 0.01 | Feb 9, 2022 | Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. | |||
| CVE-2021-33147 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper conditions check in the Intel(R) IPP Crypto library before version 2021.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2021-33119 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2021-33114 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-33105 | 0.00 | — | 0.00 | Feb 9, 2022 | Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2021-33110 | 0.00 | — | 0.01 | Feb 9, 2022 | Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2021-33113 | 0.00 | — | 0.01 | Feb 9, 2022 | Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. | |||
| CVE-2021-33115 | 0.00 | — | 0.01 | Feb 9, 2022 | Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||
| CVE-2021-33096 | 0.00 | — | 0.00 | Feb 9, 2022 | Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. |
- CVE-2021-33077May 12, 2022risk 0.00cvss —epss 0.00
Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
- CVE-2021-33078May 12, 2022risk 0.00cvss —epss 0.00
Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.
- CVE-2021-0126May 12, 2022risk 0.00cvss —epss 0.00
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
- CVE-2022-21237May 12, 2022risk 0.00cvss —epss 0.00
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2022-24297May 12, 2022risk 0.00cvss —epss 0.00
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2021-26258May 12, 2022risk 0.00cvss —epss 0.01
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.
- CVE-2022-24382May 12, 2022risk 0.00cvss —epss 0.00
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2022-22139May 12, 2022risk 0.00cvss —epss 0.00
Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21128May 12, 2022risk 0.00cvss —epss 0.00
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2021-0194May 12, 2022risk 0.00cvss —epss 0.01
Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.
- CVE-2021-0193May 12, 2022risk 0.00cvss —epss 0.01
Improper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.
- CVE-2021-33108May 12, 2022risk 0.00cvss —epss 0.00
Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2021-33135May 12, 2022risk 0.00cvss —epss 0.00
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2022-21136May 12, 2022risk 0.00cvss —epss 0.00
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.
- CVE-2022-21131May 12, 2022risk 0.00cvss —epss 0.00
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2021-33130May 12, 2022risk 0.00cvss —epss 0.00
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access.
- CVE-2021-26400May 11, 2022risk 0.00cvss —epss 0.00
AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage.
- CVE-2021-20257Mar 16, 2022risk 0.00cvss —epss 0.00
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host,…
- CVE-2021-33150Mar 11, 2022risk 0.00cvss —epss 0.00
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
- CVE-2022-0002Mar 11, 2022risk 0.00cvss —epss 0.00
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2022-0001Mar 11, 2022risk 0.00cvss —epss 0.01
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2022-23958Mar 2, 2022risk 0.00cvss —epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- CVE-2022-23955Mar 2, 2022risk 0.00cvss —epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- CVE-2022-23953Mar 2, 2022risk 0.00cvss —epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- CVE-2022-21220Feb 9, 2022risk 0.00cvss —epss 0.00
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21205Feb 9, 2022risk 0.00cvss —epss 0.01
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.
- CVE-2022-21218Feb 9, 2022risk 0.00cvss —epss 0.00
Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21226Feb 9, 2022risk 0.00cvss —epss 0.00
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21203Feb 9, 2022risk 0.00cvss —epss 0.00
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21157Feb 9, 2022risk 0.00cvss —epss 0.00
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21204Feb 9, 2022risk 0.00cvss —epss 0.00
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21156Feb 9, 2022risk 0.00cvss —epss 0.00
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2021-44454Feb 9, 2022risk 0.00cvss —epss 0.00
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21174Feb 9, 2022risk 0.00cvss —epss 0.00
Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-21153Feb 9, 2022risk 0.00cvss —epss 0.00
Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-21133Feb 9, 2022risk 0.00cvss —epss 0.00
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2021-33155Feb 9, 2022risk 0.00cvss —epss 0.00
Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.
- CVE-2021-33166Feb 9, 2022risk 0.00cvss —epss 0.00
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2021-33129Feb 9, 2022risk 0.00cvss —epss 0.00
Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2021-33139Feb 9, 2022risk 0.00cvss —epss 0.00
Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.
- CVE-2021-33137Feb 9, 2022risk 0.00cvss —epss 0.00
Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2021-33120Feb 9, 2022risk 0.00cvss —epss 0.01
Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.
- CVE-2021-33147Feb 9, 2022risk 0.00cvss —epss 0.00
Improper conditions check in the Intel(R) IPP Crypto library before version 2021.2 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2021-33119Feb 9, 2022risk 0.00cvss —epss 0.00
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2021-33114Feb 9, 2022risk 0.00cvss —epss 0.00
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access.
- CVE-2021-33105Feb 9, 2022risk 0.00cvss —epss 0.00
Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2021-33110Feb 9, 2022risk 0.00cvss —epss 0.01
Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2021-33113Feb 9, 2022risk 0.00cvss —epss 0.01
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
- CVE-2021-33115Feb 9, 2022risk 0.00cvss —epss 0.01
Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- CVE-2021-33096Feb 9, 2022risk 0.00cvss —epss 0.00
Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
Page 28 of 43