Filtered by vendor Intel
Subscribe
Search
Total
1216 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12353 | 1 Intel | 1 Data Center Manager | 2020-11-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access. | |||||
| CVE-2020-8669 | 1 Intel | 1 Data Center Manager | 2020-11-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2020-12346 | 1 Intel | 1 Battery Life Diagnostic Tool | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 1.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12311 | 1 Intel | 30 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 27 more | 2020-11-24 | 2.1 LOW | 4.6 MEDIUM |
| Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||||
| CVE-2020-12355 | 1 Intel | 1 Trusted Execution Engine | 2020-11-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2020-12354 | 1 Intel | 1 Active Management Technology Software Development Kit | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12310 | 1 Intel | 30 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 27 more | 2020-11-24 | 2.1 LOW | 4.6 MEDIUM |
| Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||||
| CVE-2020-12309 | 1 Intel | 30 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 27 more | 2020-11-24 | 2.1 LOW | 4.6 MEDIUM |
| Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||||
| CVE-2020-12307 | 1 Intel | 1 High Definition Audio Driver | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12308 | 1 Intel | 1 Computing Improvement Program | 2020-11-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access. | |||||
| CVE-2020-12306 | 2 Intel, Microsoft | 2 Realsense D400 Series Dynamic Calibration Tool, Windows | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Incorrect default permissions in the Intel(R) RealSense(TM) D400 Series Dynamic Calibration Tool before version 2.11, may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12303 | 1 Intel | 2 Converged Security And Manageability Engine, Trusted Execution Technology | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access. | |||||
| CVE-2020-8756 | 1 Intel | 1 Converged Security And Manageability Engine | 2020-11-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8753 | 1 Intel | 2 Active Management Technology, Standard Manageability | 2020-11-24 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2020-12322 | 1 Intel | 22 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 19 more | 2020-11-24 | 3.3 LOW | 6.5 MEDIUM |
| Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-12327 | 1 Intel | 1 Thunderbolt Dch Driver | 2020-11-24 | 2.1 LOW | 4.4 MEDIUM |
| Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2020-12326 | 1 Intel | 1 Thunderbolt Dch Driver | 2020-11-24 | 2.1 LOW | 5.5 MEDIUM |
| Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2020-12332 | 1 Intel | 1 Hid Event Filter Driver | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12334 | 1 Intel | 1 Advisor Tools | 2020-11-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12338 | 1 Intel | 1 Open Webrtc Toolkit | 2020-11-23 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2020-12314 | 1 Intel | 12 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168, Dual Band Wireless-ac 8260 and 9 more | 2020-11-20 | 3.3 LOW | 6.5 MEDIUM |
| Improper input validation in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-12318 | 1 Intel | 12 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168, Dual Band Wireless-ac 8260 and 9 more | 2020-11-20 | 4.6 MEDIUM | 7.8 HIGH |
| Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12319 | 1 Intel | 12 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168, Dual Band Wireless-ac 8260 and 9 more | 2020-11-20 | 3.3 LOW | 6.5 MEDIUM |
| Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-24460 | 1 Intel | 1 Driver \& Support Assistant | 2020-11-20 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect default permissions in the Intel(R) DSA before version 20.8.30.6 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2020-24456 | 1 Intel | 1 Board Id Tool | 2020-11-20 | 4.6 MEDIUM | 7.8 HIGH |
| Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8755 | 1 Intel | 2 Converged Security And Management Engine, Server Platform Services | 2020-11-20 | 4.4 MEDIUM | 6.4 MEDIUM |
| Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2020-12316 | 1 Intel | 1 Endpoint Management Assistant | 2020-11-20 | 2.1 LOW | 5.5 MEDIUM |
| Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access. | |||||
| CVE-2020-12315 | 1 Intel | 1 Endpoint Management Assistant | 2020-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2020-0572 | 1 Intel | 7 Server Board S2600st Firmware, Server Board S2600stbr, Server Board S2600stqr and 4 more | 2020-11-20 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12349 | 1 Intel | 1 Data Center Manager | 2020-11-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2020-12347 | 1 Intel | 1 Data Center Manager | 2020-11-20 | 6.5 MEDIUM | 8.8 HIGH |
| Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2020-12345 | 1 Intel | 1 Data Center Manager | 2020-11-20 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0592 | 1 Intel | 230 Bios, Core I5-7640x, Core I7-3820 and 227 more | 2020-11-19 | 4.6 MEDIUM | 6.7 MEDIUM |
| Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. | |||||
| CVE-2020-0584 | 1 Intel | 8 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 5 more | 2020-11-19 | 2.1 LOW | 6.2 MEDIUM |
| Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access. | |||||
| CVE-2019-11121 | 2 Intel, Microsoft | 2 Media Sdk, Windows | 2020-11-19 | 4.6 MEDIUM | 7.8 HIGH |
| Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0588 | 1 Intel | 76 Bios, Xeon Bronze 3204, Xeon Bronze 3206r and 73 more | 2020-11-19 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0587 | 1 Intel | 114 Bios, Core I5-7640x, Core I7-3820 and 111 more | 2020-11-19 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8749 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 5.8 MEDIUM | 8.8 HIGH |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2020-8760 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8757 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 4.6 MEDIUM | 6.7 MEDIUM |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8747 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access. | |||||
| CVE-2020-8746 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 3.3 LOW | 6.5 MEDIUM |
| Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-12356 | 2 Intel, Netapp | 2 Active Management Technology, Cloud Backup | 2020-11-18 | 2.1 LOW | 4.4 MEDIUM |
| Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2020-8752 | 2 Intel, Netapp | 3 Active Management Technology, Standard Manageability, Cloud Backup | 2020-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access. | |||||
| CVE-2020-8754 | 2 Intel, Netapp | 3 Active Management Technology, Standard Manageability, Cloud Backup | 2020-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2020-11487 | 2 Intel, Nvidia | 4 Bmc Firmware, Dgx-1, Dgx-2 and 1 more | 2020-11-12 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure. | |||||
| CVE-2020-11485 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution. | |||||
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | |||||
| CVE-2020-11483 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | |||||
| CVE-2020-11615 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | |||||