VYPR

Vendor CVEs

Intel

All CVEs

2,130 total · sorted by risk
  • CVE-2024-22382HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-21823HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access

  • CVE-2023-41092HigMay 16, 2024
    risk 0.49cvss 7.6epss 0.00

    Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent access.

  • CVE-2018-12169HigSep 21, 2018
    risk 0.49cvss 7.6epss 0.01

    Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to…

  • CVE-2018-3669HigSep 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino Wireless N and Intel Centrino Advanced N adapters may allow an unauthenticated user to potentially send a malformed L2CAP Connection Request is sent to the Intel Bluetooth device via the network.

  • CVE-2017-5693HigJul 31, 2018
    risk 0.49cvss 7.5epss 0.04

    Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic.

  • CVE-2018-3652HigJul 10, 2018
    risk 0.49cvss 7.6epss 0.00

    Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets…

  • CVE-2017-5722HigOct 11, 2017
    risk 0.49cvss 7.5epss 0.00

    Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.

  • CVE-2017-5721HigOct 11, 2017
    risk 0.49cvss 7.5epss 0.01

    Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.

  • CVE-2015-8990HigMar 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware.

  • CVE-2013-7462HigMar 14, 2017
    risk 0.49cvss 7.5epss 0.02

    A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system…

  • CVE-2017-5681HigMar 7, 2017
    risk 0.49cvss 7.5epss 0.01

    The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

  • CVE-2017-5927HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking…

  • CVE-2017-5926HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking…

  • CVE-2017-5925HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript,…

  • CVE-2016-1349HigMar 26, 2016
    risk 0.49cvss 7.5epss 0.02

    The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

  • CVE-2016-1493HigJan 29, 2016
    risk 0.49cvss 7.5epss 0.01

    Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.

  • CVE-2025-35967HigNov 11, 2025
    risk 0.48cvss 7.4epss 0.00

    Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial…

  • CVE-2025-35963HigNov 11, 2025
    risk 0.48cvss 7.4epss 0.00

    Insufficient control flow management for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack…

  • CVE-2025-33029HigNov 11, 2025
    risk 0.48cvss 7.4epss 0.00

    Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial…

  • CVE-2025-22840HigAug 12, 2025
    risk 0.48cvss 7.4epss 0.00

    Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access

  • CVE-2025-20625HigAug 12, 2025
    risk 0.48cvss 7.4epss 0.00

    Improper conditions check for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.110.0.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2024-41168HigFeb 12, 2025
    risk 0.48cvss 7.4epss 0.00

    Use after free in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2024-39356HigFeb 12, 2025
    risk 0.48cvss 7.4epss 0.00

    NULL pointer dereference in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2018-3615HigAug 14, 2018
    risk 0.48cvss 7.3epss 0.06

    Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

  • CVE-2017-5729HigNov 21, 2017
    risk 0.48cvss 7.4epss 0.01

    Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.

  • CVE-2017-5682HigFeb 28, 2017
    risk 0.48cvss 7.3epss 0.01

    Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated…

  • CVE-2025-32086HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-26403HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-24305HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-23241HigAug 12, 2025
    risk 0.47cvss 7.3epss 0.00

    Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2025-20053HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-20037HigAug 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Time-of-check time-of-use race condition in firmware for some Intel(R) Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2025-20104HigMay 13, 2025
    risk 0.47cvss 7.3epss 0.00

    Race condition in some Administrative Tools for some Intel(R) Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2025-20052HigMay 13, 2025
    risk 0.47cvss 7.3epss 0.00

    Improper access control for some Intel(R) Graphics software may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2025-20004HigMay 13, 2025
    risk 0.47cvss 7.2epss 0.00

    Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-45333HigMay 13, 2025
    risk 0.47cvss 7.3epss 0.00

    Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-36292HigMay 13, 2025
    risk 0.47cvss 7.3epss 0.00

    Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-36328HigApr 2, 2025
    risk 0.47cvss 7.3epss 0.00

    Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability.

  • CVE-2024-36262HigFeb 12, 2025
    risk 0.47cvss 7.2epss 0.00

    Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-29164HigFeb 12, 2025
    risk 0.47cvss 7.3epss 0.00

    Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow an…

  • CVE-2024-24985HigNov 13, 2024
    risk 0.47cvss 7.2epss 0.00

    Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-22185HigNov 13, 2024
    risk 0.47cvss 7.2epss 0.00

    Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21820HigNov 13, 2024
    risk 0.47cvss 7.2epss 0.00

    Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21781HigSep 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.

  • CVE-2024-24853HigAug 14, 2024
    risk 0.47cvss 7.2epss 0.00

    Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-22095HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2023-28402HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-27504HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-32666HigMar 14, 2024
    risk 0.47cvss 7.2epss 0.00

    On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Page 4 of 43