Filtered by vendor Intel
Subscribe
Total
1596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46748 | 2 Amd, Intel | 123 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 120 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service. | |||||
| CVE-2021-45046 | 7 Apache, Cvat, Debian and 4 more | 61 Log4j, Computer Vision Annotation Tool, Debian Linux and 58 more | 2024-11-21 | 5.1 MEDIUM | 9.0 CRITICAL |
| It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default. | |||||
| CVE-2021-44545 | 1 Intel | 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2021-44470 | 1 Intel | 1 Connect M | 2024-11-21 | N/A | 5.5 MEDIUM |
| Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-44454 | 1 Intel | 1 Quartus Prime | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-44228 | 12 Apache, Apple, Bentley and 9 more | 157 Log4j, Xcode, Synchro and 154 more | 2024-11-21 | 9.3 HIGH | 10.0 CRITICAL |
| Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | |||||
| CVE-2021-37409 | 1 Intel | 26 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 23 more | 2024-11-21 | N/A | 7.8 HIGH |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33847 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2024-11-21 | N/A | 7.8 HIGH |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33833 | 2 Debian, Intel | 2 Debian Linux, Connection Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA). | |||||
| CVE-2021-33166 | 1 Intel | 1 Retail Experience Tool | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-33164 | 1 Intel | 8 Nuc 8 Mainstream-g Kit Nuc8i5inh, Nuc 8 Mainstream-g Kit Nuc8i5inh Firmware, Nuc 8 Mainstream-g Kit Nuc8i7inh and 5 more | 2024-11-21 | N/A | 8.2 HIGH |
| Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33159 | 1 Intel | 1 Active Management Technology Firmware | 2024-11-21 | N/A | 7.4 HIGH |
| Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33155 | 1 Intel | 32 Ac3168, Ac3168 Firmware, Ac 1550 and 29 more | 2024-11-21 | 2.7 LOW | 5.7 MEDIUM |
| Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2021-33150 | 1 Intel | 419 Atom C2308, Atom C2316, Atom C2338 and 416 more | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2021-33149 | 1 Intel | 16 Atom Processors, Atom Processors Firmware, Celeron Processors and 13 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||||
| CVE-2021-33147 | 1 Intel | 1 Integrated Performance Primitives Cryptography | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper conditions check in the Intel(R) IPP Crypto library before version 2021.2 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-33139 | 1 Intel | 32 Ac3168, Ac3168 Firmware, Ac 1550 and 29 more | 2024-11-21 | 2.7 LOW | 5.7 MEDIUM |
| Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2021-33137 | 1 Intel | 1 Kernelflinger | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33135 | 1 Intel | 1 Software Guard Extensions | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2021-33130 | 1 Intel | 2 Realsense Id F450, Realsense Id F450 Firmware | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||||