Filtered by vendor Intel
Subscribe
Search
Total
1216 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11488 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2020-11-05 | 4.6 MEDIUM | 6.7 MEDIUM |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution. | |||||
| CVE-2013-4786 | 2 Intel, Oracle | 2 Intelligent Platform Management Interface, Fujitsu M10 Firmware | 2020-10-29 | 7.8 HIGH | 7.5 HIGH |
| The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. | |||||
| CVE-2019-14557 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2020-10-19 | 5.2 MEDIUM | 8.0 HIGH |
| Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access. | |||||
| CVE-2019-14556 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2020-10-13 | 2.1 LOW | 4.4 MEDIUM |
| Improper initialization in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-24457 | 1 Intel | 100 Core I7-10510u, Core I7-10510u Firmware, Core I7-10510y and 97 more | 2020-09-22 | 4.6 MEDIUM | 7.6 HIGH |
| Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. | |||||
| CVE-2018-12191 | 1 Intel | 3 Converged Security Management Engine Firmware, Server Platform Services Firmware, Trusted Execution Engine Firmware | 2020-09-10 | 7.2 HIGH | 7.6 HIGH |
| Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access. | |||||
| CVE-2019-14565 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||||
| CVE-2019-0159 | 1 Intel | 1 Administrative Tools For Intel Network Adapters | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0158 | 1 Intel | 1 Graphics Performance Analyzer | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient path checking in the installation package for Intel(R) Graphics Performance Analyzer for Linux version 18.4 and before may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0154 | 2 Canonical, Intel | 295 Ubuntu Linux, Atom X5-a3930, Atom X5-a3930 Firmware and 292 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-0138 | 1 Intel | 1 Acu Wizard | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0136 | 4 Google, Intel, Linux and 1 more | 6 Chrome Os, Proset\/wireless Wifi, Linux Kernel and 3 more | 2020-08-24 | 3.3 LOW | 7.4 HIGH |
| Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2019-0127 | 2 Intel, Linux | 2 Openvino, Linux Kernel | 2020-08-24 | 2.1 LOW | 3.9 LOW |
| Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0120 | 1 Intel | 56 Atom 230, Atom 230 Firmware, Atom 330 and 53 more | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2019-0117 | 1 Intel | 326 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 323 more | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0111 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0110 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0109 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0108 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access. | |||||
| CVE-2019-0107 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0105 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0104 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient file protection in uninstall routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0175 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0171 | 1 Intel | 2 Quartus Ii, Quartus Prime | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0172 | 1 Intel | 1 Unite | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access. | |||||
| CVE-2019-0173 | 1 Intel | 1 Raid Web Console 2 | 2020-08-24 | 5.8 MEDIUM | 7.6 HIGH |
| Authentication bypass in the web console for Intel(R) Raid Web Console 2 all versions may allow an unauthenticated attacker to potentially enable disclosure of information via network access. | |||||
| CVE-2019-0174 | 1 Intel | 376 2000e, 2000e Firmware, 2002e and 373 more | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access. | |||||
| CVE-2019-0103 | 1 Intel | 1 Data Center Manager | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0101 | 1 Intel | 1 Unite | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access. | |||||
| CVE-2019-0099 | 1 Intel | 1 Server Platform Services Firmware | 2020-08-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-0098 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-0093 | 1 Intel | 1 Converged Security And Management Engine | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0090 | 1 Intel | 2 Converged Security And Management Engine, Server Platform Services | 2020-08-24 | 4.4 MEDIUM | 7.1 HIGH |
| Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-0088 | 1 Intel | 1 System Support Utility | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2019-0086 | 1 Intel | 2 Converged Security Management Engine Firmware, Trusted Execution Engine Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2018-3702 | 2 Intel, Microsoft | 2 Ite Tech Consumer Infrared Driver, Windows 10 | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-0177 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0179 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0180 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0181 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0182 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0183 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0184 | 1 Intel | 256 Core I5-6360u, Core I5-6360u Firmware, Core I5-6440eq and 253 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-0185 | 1 Intel | 284 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 281 more | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-11162 | 1 Intel | 1 Computing Improvement Program | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access. | |||||
| CVE-2019-11163 | 1 Intel | 1 Processor Identification Utility | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access. | |||||
| CVE-2019-11091 | 2 Fedoraproject, Intel | 3 Fedora, Microarchitectural Data Sampling Uncacheable Memory, Microarchitectural Data Sampling Uncacheable Memory Firmware | 2020-08-24 | 4.7 MEDIUM | 5.6 MEDIUM |
| Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | |||||
| CVE-2019-11092 | 1 Intel | 2 Open Cloud Integrity Tehnology, Openattestation | 2020-08-24 | 3.6 LOW | 4.4 MEDIUM |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-11093 | 1 Intel | 1 Scs Discovery Utility | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-11095 | 1 Intel | 1 Driver \& Support Assistant | 2020-08-24 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. | |||||