Vendor CVEs
Intel
All CVEs
2,130 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0109 | 0.00 | — | 0.00 | Feb 18, 2019 | Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2019-0106 | 0.00 | — | 0.00 | Feb 18, 2019 | Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2019-0102 | 0.00 | — | 0.01 | Feb 18, 2019 | Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||
| CVE-2019-0103 | 0.00 | — | 0.00 | Feb 18, 2019 | Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2019-0108 | 0.00 | — | 0.00 | Feb 18, 2019 | Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access. | |||
| CVE-2018-3700 | 0.00 | — | 0.01 | Feb 18, 2019 | Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access. | |||
| CVE-2019-0110 | 0.00 | — | 0.00 | Feb 18, 2019 | Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2017-3718 | 0.00 | — | 0.00 | Jan 10, 2019 | Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access. | |||
| CVE-2018-12177 | 0.00 | — | 0.00 | Jan 10, 2019 | Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access. | |||
| CVE-2018-12166 | 0.00 | — | 0.00 | Jan 10, 2019 | Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. | |||
| CVE-2019-0088 | 0.00 | — | 0.00 | Jan 10, 2019 | Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||
| CVE-2018-18098 | 0.00 | — | 0.00 | Jan 10, 2019 | Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access. | |||
| CVE-2018-3703 | 0.00 | — | 0.00 | Jan 10, 2019 | Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access. | |||
| CVE-2018-12167 | 0.00 | — | 0.00 | Jan 10, 2019 | Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. | |||
| CVE-2018-18096 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. | |||
| CVE-2018-3704 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. | |||
| CVE-2018-18097 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2018-3705 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. | |||
| CVE-2018-18093 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access. | |||
| CVE-2018-12206 | 0.00 | — | 0.00 | Dec 13, 2018 | Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. | |||
| CVE-2018-12155 | 0.00 | — | 0.00 | Dec 5, 2018 | Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2018-3621 | 0.00 | — | 0.01 | Nov 14, 2018 | Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | |||
| CVE-2018-3697 | 0.00 | — | 0.00 | Nov 14, 2018 | Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access. | |||
| CVE-2018-3698 | 0.00 | — | 0.00 | Nov 14, 2018 | Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access. | |||
| CVE-2018-3699 | 0.00 | — | 0.01 | Nov 14, 2018 | Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access. | |||
| CVE-2018-12174 | 0.00 | — | 0.00 | Nov 14, 2018 | Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access. | |||
| CVE-2018-3696 | 0.00 | — | 0.00 | Nov 14, 2018 | Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access. | |||
| CVE-2018-3635 | 0.00 | — | 0.00 | Nov 14, 2018 | Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access. | |||
| CVE-2018-6260 | 0.00 | — | 0.00 | Nov 13, 2018 | NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. | |||
| CVE-2018-12154 | 0.00 | — | 0.00 | Oct 15, 2018 | Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via… | |||
| CVE-2018-12173 | 0.00 | — | 0.00 | Oct 10, 2018 | Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of… | |||
| CVE-2018-12158 | 0.00 | — | 0.00 | Oct 10, 2018 | Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access. | |||
| CVE-2018-12152 | 0.00 | — | 0.01 | Oct 10, 2018 | Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local… | |||
| CVE-2018-12172 | 0.00 | — | 0.00 | Oct 10, 2018 | Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access. | |||
| CVE-2018-12153 | 0.00 | — | 0.00 | Oct 10, 2018 | Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially crash the host system via… | |||
| CVE-2018-12161 | 0.00 | — | 0.01 | Oct 10, 2018 | Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access. | |||
| CVE-2018-12193 | 0.00 | — | 0.00 | Oct 10, 2018 | Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. | |||
| CVE-2018-10932 | Med | 0.00 | 4.3 | 0.01 | Aug 21, 2018 | lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal. | ||
| CVE-2014-3735 | 0.00 | — | 0.01 | May 19, 2014 | ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file. | |||
| CVE-2014-2536 | 0.00 | — | 0.02 | Mar 18, 2014 | Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the… | |||
| CVE-2013-4809 | 0.00 | — | 0.03 | Sep 16, 2013 | Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter. | |||
| CVE-2013-5740 | 0.00 | — | 0.00 | Sep 12, 2013 | Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured… | |||
| CVE-2013-4219 | 0.00 | — | 0.03 | Aug 25, 2013 | Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value… | |||
| CVE-2013-4218 | 0.00 | — | 0.00 | Aug 25, 2013 | The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems,… | |||
| CVE-2013-4217 | 0.00 | — | 0.00 | Aug 25, 2013 | The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during… | |||
| CVE-2013-4216 | 0.00 | — | 0.00 | Aug 25, 2013 | The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which… | |||
| CVE-2012-5964 | 0.00 | — | 0.37 | Jan 31, 2013 | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long ServiceType… | |||
| CVE-2012-6459 | 0.00 | — | 0.01 | Jan 1, 2013 | ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. | |||
| CVE-2011-5174 | 0.00 | — | 0.00 | Sep 15, 2012 | Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57… | |||
| CVE-2010-5269 | 0.00 | — | 0.00 | Sep 7, 2012 | Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of… |
- CVE-2019-0109Feb 18, 2019risk 0.00cvss —epss 0.00
Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2019-0106Feb 18, 2019risk 0.00cvss —epss 0.00
Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2019-0102Feb 18, 2019risk 0.00cvss —epss 0.01
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- CVE-2019-0103Feb 18, 2019risk 0.00cvss —epss 0.00
Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2019-0108Feb 18, 2019risk 0.00cvss —epss 0.00
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access.
- CVE-2018-3700Feb 18, 2019risk 0.00cvss —epss 0.01
Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access.
- CVE-2019-0110Feb 18, 2019risk 0.00cvss —epss 0.00
Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2017-3718Jan 10, 2019risk 0.00cvss —epss 0.00
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
- CVE-2018-12177Jan 10, 2019risk 0.00cvss —epss 0.00
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
- CVE-2018-12166Jan 10, 2019risk 0.00cvss —epss 0.00
Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
- CVE-2019-0088Jan 10, 2019risk 0.00cvss —epss 0.00
Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access.
- CVE-2018-18098Jan 10, 2019risk 0.00cvss —epss 0.00
Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.
- CVE-2018-3703Jan 10, 2019risk 0.00cvss —epss 0.00
Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access.
- CVE-2018-12167Jan 10, 2019risk 0.00cvss —epss 0.00
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
- CVE-2018-18096Dec 13, 2018risk 0.00cvss —epss 0.00
Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
- CVE-2018-3704Dec 13, 2018risk 0.00cvss —epss 0.00
Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.
- CVE-2018-18097Dec 13, 2018risk 0.00cvss —epss 0.00
Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2018-3705Dec 13, 2018risk 0.00cvss —epss 0.00
Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access.
- CVE-2018-18093Dec 13, 2018risk 0.00cvss —epss 0.00
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.
- CVE-2018-12206Dec 13, 2018risk 0.00cvss —epss 0.00
Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
- CVE-2018-12155Dec 5, 2018risk 0.00cvss —epss 0.00
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2018-3621Nov 14, 2018risk 0.00cvss —epss 0.01
Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
- CVE-2018-3697Nov 14, 2018risk 0.00cvss —epss 0.00
Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.
- CVE-2018-3698Nov 14, 2018risk 0.00cvss —epss 0.00
Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.
- CVE-2018-3699Nov 14, 2018risk 0.00cvss —epss 0.01
Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access.
- CVE-2018-12174Nov 14, 2018risk 0.00cvss —epss 0.00
Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.
- CVE-2018-3696Nov 14, 2018risk 0.00cvss —epss 0.00
Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.
- CVE-2018-3635Nov 14, 2018risk 0.00cvss —epss 0.00
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
- CVE-2018-6260Nov 13, 2018risk 0.00cvss —epss 0.00
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector.
- CVE-2018-12154Oct 15, 2018risk 0.00cvss —epss 0.00
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via…
- CVE-2018-12173Oct 10, 2018risk 0.00cvss —epss 0.00
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of…
- CVE-2018-12158Oct 10, 2018risk 0.00cvss —epss 0.00
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.
- CVE-2018-12152Oct 10, 2018risk 0.00cvss —epss 0.01
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local…
- CVE-2018-12172Oct 10, 2018risk 0.00cvss —epss 0.00
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access.
- CVE-2018-12153Oct 10, 2018risk 0.00cvss —epss 0.00
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially crash the host system via…
- CVE-2018-12161Oct 10, 2018risk 0.00cvss —epss 0.01
Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.
- CVE-2018-12193Oct 10, 2018risk 0.00cvss —epss 0.00
Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.
- risk 0.00cvss 4.3epss 0.01
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
- CVE-2014-3735May 19, 2014risk 0.00cvss —epss 0.01
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
- CVE-2014-2536Mar 18, 2014risk 0.00cvss —epss 0.02
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the…
- CVE-2013-4809Sep 16, 2013risk 0.00cvss —epss 0.03
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.
- CVE-2013-5740Sep 12, 2013risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured…
- CVE-2013-4219Aug 25, 2013risk 0.00cvss —epss 0.03
Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value…
- CVE-2013-4218Aug 25, 2013risk 0.00cvss —epss 0.00
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems,…
- CVE-2013-4217Aug 25, 2013risk 0.00cvss —epss 0.00
The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during…
- CVE-2013-4216Aug 25, 2013risk 0.00cvss —epss 0.00
The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which…
- CVE-2012-5964Jan 31, 2013risk 0.00cvss —epss 0.37
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long ServiceType…
- CVE-2012-6459Jan 1, 2013risk 0.00cvss —epss 0.01
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets.
- CVE-2011-5174Sep 15, 2012risk 0.00cvss —epss 0.00
Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57…
- CVE-2010-5269Sep 7, 2012risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of…
Page 42 of 43