CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

Intel : Security Vulnerabilities (CVSS score between 3 and 8.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-24436 203 2022-06-15 2022-06-28
4.0
 None Remote Low ??? Partial None None
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.
2 CVE-2022-23098 835 2022-01-28 2022-09-29
5.0
 None Remote Low Not required None None Partial
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
3 CVE-2022-23097 125 2022-01-28 2022-09-29
6.4
 None Remote Low Not required Partial None Partial
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
4 CVE-2022-23096 125 2022-01-28 2022-09-29
6.4
 None Remote Low Not required Partial None Partial
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
5 CVE-2022-22139 427 2022-05-12 2022-05-23
4.4
 None Local Medium Not required Partial Partial Partial
Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.
6 CVE-2022-21220 611 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
7 CVE-2022-21205 611 2022-02-09 2022-02-15
5.0
 None Remote Low Not required Partial None None
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.
8 CVE-2022-21204 276 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
9 CVE-2022-21203 281 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
10 CVE-2022-21174 863 2022-02-09 2022-02-17
4.6
 None Local Low Not required Partial Partial Partial
Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
11 CVE-2022-21128 269 2022-05-12 2022-05-23
4.6
 None Local Low Not required Partial Partial Partial
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
12 CVE-2021-45046 502 Exec Code +Info 2021-12-14 2022-10-06
5.1
 None Remote High Not required Partial Partial Partial
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
13 CVE-2021-44454 20 2022-02-09 2022-02-16
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
14 CVE-2021-33833 787 Overflow 2021-06-09 2022-02-09
7.5
 None Remote Low Not required Partial Partial Partial
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
15 CVE-2021-33150 2022-03-11 2022-03-18
4.6
 None Local Low Not required Partial Partial Partial
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
16 CVE-2021-33137 787 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.
17 CVE-2021-33129 276 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
18 CVE-2021-33118 863 2021-11-17 2021-11-23
4.6
 None Local Low Not required Partial Partial Partial
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
19 CVE-2021-33108 20 2022-05-12 2022-05-23
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access.
20 CVE-2021-33106 190 Overflow 2021-11-17 2021-11-19
4.6
 None Local Low Not required Partial Partial Partial
Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access.
21 CVE-2021-33101 427 2022-02-09 2022-02-15
4.6
 None Local Low Not required Partial Partial Partial
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
22 CVE-2021-33097 367 2021-11-17 2021-11-22
6.0
 None Remote Medium ??? Partial Partial Partial
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access.
23 CVE-2021-33071 276 2021-11-17 2021-11-22
4.6
 None Local Low Not required Partial Partial Partial
Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
24 CVE-2021-33068 476 DoS 2022-02-09 2022-02-15
4.0
 None Remote Low ??? None None Partial
Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access.
25 CVE-2021-33062 276 2021-11-17 2021-11-22
4.6
 None Local Low Not required Partial Partial Partial
Incorrect default permissions in the software installer for the Intel(R) VTune(TM) Profiler before version 2021.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
26 CVE-2021-33059 20 2021-11-17 2021-12-14
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access.
27 CVE-2021-33058 863 2021-11-17 2021-12-14
4.6
 None Local Low Not required Partial Partial Partial
Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access.
28 CVE-2021-26676 +Info 2021-02-09 2022-05-06
3.3
 None Local Network Low Not required Partial None None
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
29 CVE-2021-26675 787 Exec Code Overflow 2021-02-09 2022-05-23
5.8
 None Local Network Low Not required Partial Partial Partial
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
30 CVE-2021-26258 2022-05-12 2022-07-12
4.6
 None Local Low Not required Partial Partial Partial
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.
31 CVE-2021-23152 2022-02-09 2022-07-12
4.6
 None Local Low Not required Partial Partial Partial
Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
32 CVE-2021-0194 2022-05-12 2022-07-12
6.5
 None Remote Low ??? Partial Partial Partial
Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.
33 CVE-2021-0186 20 2021-11-17 2021-11-23
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.
34 CVE-2021-0180 400 2021-11-17 2021-11-22
4.6
 None Local Low Not required Partial Partial Partial
Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may allow an unauthenticated user to potentially enable privilege escalation via local access.
35 CVE-2021-0158 20 2021-11-17 2021-11-22
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
36 CVE-2021-0157 2021-11-17 2022-05-03
4.6
 None Local Low Not required Partial Partial Partial
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
37 CVE-2021-0144 1188 2021-07-14 2022-02-24
7.2
 None Local Low Not required Complete Complete Complete
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
38 CVE-2021-0143 276 2021-06-17 2021-06-23
4.6
 None Local Low Not required Partial Partial Partial
Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access.
39 CVE-2021-0135 20 2021-11-17 2021-11-22
4.6
 None Local Low Not required Partial Partial Partial
Improper input validation in the Intel(R) Ethernet Diagnostic Driver for Windows before version 1.4.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
40 CVE-2021-0126 20 2022-05-12 2022-05-21
5.2
 None Local Network Low ??? Partial Partial Partial
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
41 CVE-2021-0115 120 Overflow 2022-02-09 2022-02-25
4.6
 None Local Low Not required Partial Partial Partial
Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
42 CVE-2021-0114 1188 2021-08-16 2022-05-03
7.2
 None Local Low Not required Complete Complete Complete
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
43 CVE-2021-0112 428 2021-06-09 2021-06-22
4.4
 None Local Medium Not required Partial Partial Partial
Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
44 CVE-2021-0111 476 2022-02-09 2022-02-25
4.6
 None Local Low Not required Partial Partial Partial
NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
45 CVE-2021-0108 427 2021-06-09 2021-06-22
4.4
 None Local Medium Not required Partial Partial Partial
Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
46 CVE-2021-0107 252 2022-02-09 2022-02-25
4.6
 None Local Low Not required Partial Partial Partial
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
47 CVE-2021-0104 427 2021-06-09 2021-06-28
4.4
 None Local Medium Not required Partial Partial Partial
Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.
48 CVE-2021-0103 2022-02-09 2022-07-12
4.6
 None Local Low Not required Partial Partial Partial
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
49 CVE-2021-0102 732 2021-06-09 2021-06-22
4.6
 None Local Low Not required Partial Partial Partial
Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
50 CVE-2021-0100 276 2021-06-09 2021-06-17
4.6
 None Local Low Not required Partial Partial Partial
Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access.
Total number of vulnerabilities : 399   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.