Intel : Security Vulnerabilities, CVEs, (Information Leak)
Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-11-14
Updated
2020-08-24
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.
Max CVSS
9.8
EPSS Score
0.21%
Published
2020-10-29
Updated
2020-11-05
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.
Max CVSS
9.8
EPSS Score
0.30%
Published
2022-08-18
Updated
2023-05-22
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.
Max CVSS
9.1
EPSS Score
0.16%
Published
2017-11-16
Updated
2019-10-03
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
Max CVSS
9.1
EPSS Score
0.23%
Published
2019-11-14
Updated
2021-07-21
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
Max CVSS
9.1
EPSS Score
0.16%
Published
2020-11-12
Updated
2023-05-22
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
Max CVSS
8.8
EPSS Score
0.08%
Published
2019-12-18
Updated
2020-02-11
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access.
Max CVSS
8.8
EPSS Score
0.07%
Published
2019-11-14
Updated
2020-08-24
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.
Max CVSS
8.8
EPSS Score
0.07%
Published
2020-10-29
Updated
2020-11-05
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
Max CVSS
8.8
EPSS Score
0.04%
Published
2023-11-14
Updated
2023-12-16
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
Max CVSS
8.2
EPSS Score
0.04%
Published
2018-09-12
Updated
2019-10-03
Insufficient input validation in system firmware for Intel(R) Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
Max CVSS
8.2
EPSS Score
0.04%
Published
2019-04-17
Updated
2019-04-18
Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
Max CVSS
8.2
EPSS Score
0.04%
Published
2019-11-14
Updated
2019-11-22
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
Max CVSS
8.1
EPSS Score
0.07%
Published
2019-12-18
Updated
2020-01-02
Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.
Max CVSS
8.1
EPSS Score
0.08%
Published
2019-11-14
Updated
2019-11-19
Improper input validation in software for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in Windows 10 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
Max CVSS
8.1
EPSS Score
0.06%
Published
2021-11-17
Updated
2021-11-19
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
Max CVSS
8.1
EPSS Score
0.06%
Published
2022-02-09
Updated
2022-02-15
Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access.
Max CVSS
7.9
EPSS Score
0.04%
Published
2022-09-20
Updated
2022-09-22
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-05-17
Updated
2019-05-21
Improper access control in the Intel(R) Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-07-11
Updated
2020-08-24
Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-14
Updated
2020-08-24
Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-14
Updated
2020-08-24
Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-14
Updated
2021-07-21
Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-08-19
Updated
2020-08-24
Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-08-19
Updated
2020-08-24