Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24478 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 5.5 MEDIUM |
| Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2023-24016 | 2 Intel, Linux | 2 Quartus Prime, Linux Kernel | 2023-12-10 | N/A | 7.3 HIGH |
| Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-43474 | 1 Intel | 2 Dsp Builder, Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41693 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-34157 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26840 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-37329 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-12-10 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33902 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-32570 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33892 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26888 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 4.1 MEDIUM |
| Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-27187 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.8 HIGH |
| Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-27233 | 1 Intel | 1 Quartus Prime | 2023-12-10 | N/A | 7.5 HIGH |
| XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2021-44454 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21174 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21203 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21204 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21205 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2022-21220 | 1 Intel | 1 Quartus Prime | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8737 | 1 Intel | 3 Quartus Prime, Stratix 10 Fpga, Stratix 10 Fpga Firmware | 2023-12-10 | 4.6 MEDIUM | 6.8 MEDIUM |
| Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access. | |||||