CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

Intel : Security Vulnerabilities (CVSS score between 6 and 8.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-23097 125 2022-01-28 2022-09-29
6.4
 None Remote Low Not required Partial None Partial
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
2 CVE-2022-23096 125 2022-01-28 2022-09-29
6.4
 None Remote Low Not required Partial None Partial
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
3 CVE-2021-33833 787 Overflow 2021-06-09 2022-02-09
7.5
 None Remote Low Not required Partial Partial Partial
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
4 CVE-2021-33097 367 2021-11-17 2021-11-22
6.0
 None Remote Medium ??? Partial Partial Partial
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access.
5 CVE-2021-0194 2022-05-12 2022-07-12
6.5
 None Remote Low ??? Partial Partial Partial
Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.
6 CVE-2021-0144 1188 2021-07-14 2022-02-24
7.2
 None Local Low Not required Complete Complete Complete
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
7 CVE-2021-0114 1188 2021-08-16 2022-05-03
7.2
 None Local Low Not required Complete Complete Complete
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
8 CVE-2021-0091 2022-02-09 2022-07-12
7.2
 None Local Low Not required Complete Complete Complete
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.
9 CVE-2020-12347 20 2020-11-12 2020-11-20
6.5
 None Remote Low ??? Partial Partial Partial
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via network access.
10 CVE-2020-12339 2021-02-17 2021-02-22
6.5
 None Remote Low ??? Partial Partial Partial
Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via network access.
11 CVE-2020-12338 2020-11-13 2020-11-23
7.5
 None Remote Low Not required Partial Partial Partial
Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
12 CVE-2020-12315 22 Dir. Trav. 2020-11-12 2020-11-20
7.5
 None Remote Low Not required Partial Partial Partial
Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
13 CVE-2020-8758 2020-09-10 2023-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
14 CVE-2020-8752 787 2020-11-12 2023-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.
15 CVE-2020-8747 125 DoS 2020-11-12 2023-05-22
6.4
 None Remote Low Not required Partial None Partial
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
16 CVE-2020-0595 416 2020-06-15 2021-03-18
7.5
 None Remote Low Not required Partial Partial Partial
Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
17 CVE-2020-0594 125 2020-06-15 2021-03-18
7.5
 None Remote Low Not required Partial Partial Partial
Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
18 CVE-2019-11132 79 XSS 2019-12-18 2019-12-31
6.8
 None Remote Medium Not required Partial Partial Partial
Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access.
19 CVE-2019-11131 2019-12-18 2020-08-24
7.5
 None Remote Low Not required Partial Partial Partial
Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
20 CVE-2019-11119 2019-06-13 2023-03-01
7.5
 None Remote Low Not required Partial Partial Partial
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.
21 CVE-2019-11112 787 Mem. Corr. 2019-11-14 2022-03-31
7.2
 None Local Low Not required Complete Complete Complete
Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.
22 CVE-2019-11107 20 2019-12-18 2020-01-02
7.5
 None Remote Low Not required Partial Partial Partial
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
23 CVE-2019-0172 2019-05-17 2020-08-24
7.5
 None Remote Low Not required Partial Partial Partial
A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access.
24 CVE-2019-0155 2019-11-14 2022-04-22
7.2
 None Local Low Not required Complete Complete Complete
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.
25 CVE-2019-0153 119 Overflow 2019-05-17 2019-05-28
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
26 CVE-2019-0145 120 Overflow 2019-11-14 2023-02-24
7.2
 None Local Low Not required Complete Complete Complete
Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
27 CVE-2019-0142 269 2019-11-14 2021-07-21
7.2
 None Local Low Not required Complete Complete Complete
Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
28 CVE-2019-0101 Bypass 2019-02-18 2020-08-24
7.5
 None Remote Low Not required Partial Partial Partial
Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access.
29 CVE-2019-0098 2019-05-17 2020-08-24
7.2
 None Local Low Not required Complete Complete Complete
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
30 CVE-2019-0091 94 2019-05-17 2019-06-20
7.2
 None Local Low Not required Complete Complete Complete
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
31 CVE-2018-12220 Exec Code 2019-03-14 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access.
32 CVE-2018-12216 20 Exec Code 2019-03-14 2019-04-04
7.2
 None Local Low Not required Complete Complete Complete
Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access via local access.
33 CVE-2018-12214 119 Exec Code Overflow Mem. Corr. 2019-03-14 2019-04-04
7.2
 None Local Low Not required Complete Complete Complete
Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access.
34 CVE-2018-12199 119 Exec Code Overflow 2019-03-14 2019-04-23
7.2
 None Local Low Not required Complete Complete Complete
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.
35 CVE-2018-12192 287 Bypass 2019-03-14 2019-04-04
7.2
 None Local Low Not required Complete Complete Complete
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
36 CVE-2018-12191 119 Exec Code Overflow 2019-03-14 2020-09-10
7.2
 None Local Low Not required Complete Complete Complete
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
37 CVE-2018-12168 732 Exec Code 2018-09-12 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
38 CVE-2018-12163 427 2018-09-12 2019-10-03
6.8
 None Remote Medium Not required Partial Partial Partial
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.
39 CVE-2018-12148 732 Exec Code 2018-09-12 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.
40 CVE-2018-12147 20 2019-06-13 2020-08-24
7.2
 None Local Low Not required Complete Complete Complete
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, IntelĀ® Server Platform Services before version 4.0 and IntelĀ® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
41 CVE-2018-3679 Exec Code 2018-09-12 2019-10-03
8.3
 None Local Network Low Not required Complete Complete Complete
Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges.
42 CVE-2018-3672 Exec Code 2018-08-01 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a system calls.
43 CVE-2018-3670 119 Exec Code Overflow 2018-08-01 2018-10-01
7.2
 None Local Low Not required Complete Complete Complete
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow.
44 CVE-2018-3666 Exec Code Overflow 2018-08-01 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow.
45 CVE-2018-3662 Exec Code 2018-08-01 2019-10-03
7.7
 None Local Network Low ??? Complete Complete Complete
Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.
46 CVE-2018-3657 119 Exec Code Overflow 2018-09-12 2021-05-26
7.2
 None Local Low Not required Complete Complete Complete
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
47 CVE-2018-3612 20 2018-05-10 2018-06-18
7.2
 None Local Low Not required Complete Complete Complete
Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).
48 CVE-2017-12865 119 DoS Exec Code Overflow 2017-08-29 2020-03-05
7.5
 None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
49 CVE-2017-5738 200 DoS +Info 2017-11-16 2019-10-03
6.4
 None Remote Low Not required Partial None Partial
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.
50 CVE-2017-5736 269 Exec Code 2018-03-20 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator.
Total number of vulnerabilities : 82   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.