Filtered by vendor Intel
Subscribe
Total
715 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12210 | 2 Intel, Microsoft | 2 Graphics Driver, Windows | 2023-12-10 | 2.1 LOW | 6.5 MEDIUM |
Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access. | |||||
CVE-2018-12150 | 1 Intel | 1 Extreme Tuning Utility | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. | |||||
CVE-2018-10932 | 1 Intel | 1 Lldptool | 2023-12-10 | 3.3 LOW | 4.3 MEDIUM |
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal. | |||||
CVE-2018-12161 | 1 Intel | 1 Raid Web Console | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access. | |||||
CVE-2018-3620 | 1 Intel | 8 Core I3, Core I5, Core I7 and 5 more | 2023-12-10 | 4.7 MEDIUM | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | |||||
CVE-2018-3646 | 1 Intel | 8 Core I3, Core I5, Core I7 and 5 more | 2023-12-10 | 4.7 MEDIUM | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. | |||||
CVE-2018-3621 | 1 Intel | 1 Driver\&support Assistant | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | |||||
CVE-2018-3671 | 1 Intel | 1 Saffron Memorybase | 2023-12-10 | 2.7 LOW | 5.7 MEDIUM |
Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information. | |||||
CVE-2018-3616 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | |||||
CVE-2018-12172 | 1 Intel | 8 Hns7200ap, Hns7200ap Firmware, Hns7200apr and 5 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access. | |||||
CVE-2018-12149 | 1 Intel | 1 Extreme Tuning Utility | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. | |||||
CVE-2019-0111 | 1 Intel | 1 Data Center Manager | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2018-3659 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2023-12-10 | 4.6 MEDIUM | 6.8 MEDIUM |
A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access. | |||||
CVE-2018-12167 | 1 Intel | 2 Optane Ssd Dc P4800x, Optane Ssd Dc P4800x Firmware | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. | |||||
CVE-2018-12158 | 1 Intel | 1 Next Unit Of Computing Firmware | 2023-12-10 | 5.6 MEDIUM | 6.0 MEDIUM |
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access. | |||||
CVE-2019-0110 | 1 Intel | 1 Data Center Manager | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2018-12151 | 1 Intel | 1 Extreme Tuning Utility | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access. | |||||
CVE-2018-3657 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | |||||
CVE-2018-3699 | 1 Intel | 1 Raid Web Console 3 | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access. | |||||
CVE-2018-12163 | 1 Intel | 1 Iot Developers Kit | 2023-12-10 | 6.8 MEDIUM | 4.8 MEDIUM |
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. |