CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Intel : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-14605 276 2019-12-16 2019-12-23
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.
2 CVE-2019-14604 476 DoS 2019-12-16 2019-12-23
2.1
None Local Low Not required None None Partial
Null pointer dereference in the FPGA kernel driver for Intel(R) Quartus(R) Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable denial of service via local access.
3 CVE-2019-14603 276 2019-12-16 2020-02-10
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
4 CVE-2019-14599 426 2019-12-16 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
5 CVE-2019-14591 20 DoS 2019-11-14 2020-03-20
2.1
None Local Low Not required None None Partial
Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
6 CVE-2019-14590 2019-11-14 2020-08-24
2.1
None Local Low Not required Partial None None
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
7 CVE-2019-14574 125 DoS 2019-11-14 2020-03-20
2.1
None Local Low Not required None None Partial
Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
8 CVE-2019-14568 276 2019-12-16 2020-01-09
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access.
9 CVE-2019-11167 732 2019-10-11 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper file permission in software installer for Intel(R) Smart Connect Technology for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.
10 CVE-2019-11166 732 2019-09-16 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.
11 CVE-2019-11165 754 DoS 2019-12-16 2019-12-27
2.1
None Local Low Not required None None Partial
Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access.
12 CVE-2019-11163 DoS 2019-08-19 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
13 CVE-2019-11162 DoS 2019-08-19 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
14 CVE-2019-11148 2019-08-19 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the installer for Intel(R) Remote Displays SDK before version 2.0.1 R2 may allow an authenticated user to potentially enable escalation of privilege via local access.
15 CVE-2019-11147 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
16 CVE-2019-11146 275 2019-08-19 2020-02-10
4.6
None Local Low Not required Partial Partial Partial
Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
17 CVE-2019-11145 275 2019-08-19 2020-02-10
4.6
None Local Low Not required Partial Partial Partial
Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
18 CVE-2019-11143 2019-08-19 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
19 CVE-2019-11133 DoS 2019-07-11 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper access control in the Intel(R) Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
20 CVE-2019-11132 79 XSS 2019-12-18 2019-12-31
6.8
None Remote Medium Not required Partial Partial Partial
Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access.
21 CVE-2019-11131 2019-12-18 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
22 CVE-2019-11119 2019-06-13 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.
23 CVE-2019-11117 2019-06-13 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.
24 CVE-2019-11114 20 DoS 2019-05-17 2019-05-21
2.1
None Local Low Not required None None Partial
Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.
25 CVE-2019-11113 119 Overflow 2019-11-14 2020-03-20
2.1
None Local Low Not required Partial None None
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
26 CVE-2019-11112 269 Mem. Corr. 2019-11-14 2020-03-20
7.2
None Local Low Not required Complete Complete Complete
Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.
27 CVE-2019-11111 476 2019-11-14 2020-03-20
4.6
None Local Low Not required Partial Partial Partial
Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.
28 CVE-2019-11110 Bypass 2019-12-18 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
29 CVE-2019-11109 DoS 2019-12-18 2020-01-03
4.6
None Local Low Not required Partial Partial Partial
Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access.
30 CVE-2019-11108 20 2019-12-18 2019-12-31
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
31 CVE-2019-11107 20 2019-12-18 2020-01-02
7.5
None Remote Low Not required Partial Partial Partial
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
32 CVE-2019-11106 613 2019-12-18 2019-12-31
4.6
None Local Low Not required Partial Partial Partial
Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
33 CVE-2019-11105 269 2019-12-18 2019-12-31
4.6
None Local Low Not required Partial Partial Partial
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.
34 CVE-2019-11104 20 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
35 CVE-2019-11103 20 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
36 CVE-2019-11102 20 2019-12-18 2020-01-02
2.1
None Local Low Not required Partial None None
Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
37 CVE-2019-11101 20 2019-12-18 2020-01-02
2.1
None Local Low Not required Partial None None
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
38 CVE-2019-11100 20 2019-12-18 2020-01-02
2.1
None Local Low Not required Partial None None
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access.
39 CVE-2019-11097 276 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
40 CVE-2019-11095 2019-05-17 2020-08-24
2.1
None Local Low Not required Partial None None
Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.
41 CVE-2019-11093 428 2019-05-17 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
42 CVE-2019-11092 522 2019-06-13 2020-08-24
3.6
None Local Low Not required Partial Partial None
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
43 CVE-2019-11090 362 2019-12-18 2020-01-03
4.3
None Remote Medium Not required Partial None None
Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access.
44 CVE-2019-11089 20 DoS 2019-11-14 2020-03-20
2.1
None Local Low Not required None None Partial
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
45 CVE-2019-11088 20 2019-12-18 2019-12-31
5.8
None Local Network Low Not required Partial Partial Partial
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
46 CVE-2019-11087 20 DoS 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
47 CVE-2019-11086 20 2019-12-18 2020-01-02
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
48 CVE-2019-0183 522 2019-06-13 2020-08-24
2.1
None Local Low Not required Partial None None
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
49 CVE-2019-0182 522 2019-06-13 2020-08-24
2.1
None Local Low Not required Partial None None
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
50 CVE-2019-0181 2019-06-13 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.
Total number of vulnerabilities : 150   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.