Vulnerabilities (CVE)

Filtered by vendor Intel Subscribe
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-3658 2 Intel, Siemens 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
CVE-2018-3657 2 Intel, Siemens 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
CVE-2018-3655 1 Intel 3 Converged Security Management Engine Firmware, Server Platform Services Firmware, Trusted Execution Engine Firmware 2024-11-21 3.6 LOW 7.3 HIGH
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
CVE-2018-3652 1 Intel 34 Atom C, Xeon, Xeon Bronze 3104 and 31 more 2024-11-21 4.6 MEDIUM 7.6 HIGH
Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.
CVE-2018-3650 1 Intel 1 Distribution For Python 2024-11-21 4.6 MEDIUM 7.8 HIGH
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.
CVE-2018-3649 1 Intel 18 Dual Band Wireless-ac 3160, Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168 and 15 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.
CVE-2018-3646 1 Intel 8 Core I3, Core I5, Core I7 and 5 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
CVE-2018-3645 1 Intel 2 Remote Keyboard, Remote Keyboard Mobile App 2024-11-21 4.6 MEDIUM 7.8 HIGH
Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.
CVE-2018-3643 1 Intel 2 Converged Security Management Engine Firmware, Server Platform Services Firmware 2024-11-21 4.6 MEDIUM 8.2 HIGH
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.
CVE-2018-3641 1 Intel 2 Remote Keyboard, Remote Keyboard Mobile App 2024-11-21 7.5 HIGH 9.8 CRITICAL
Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.
CVE-2018-3640 2 Arm, Intel 199 Cortex-a, Atom C, Atom E and 196 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.
CVE-2018-3639 12 Arm, Canonical, Debian and 9 more 321 Cortex-a, Ubuntu Linux, Debian Linux and 318 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
CVE-2018-3638 1 Intel 2 Remote Keyboard, Remote Keyboard Mobile App 2024-11-21 7.2 HIGH 7.8 HIGH
Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.
CVE-2018-3635 1 Intel 1 Rapid Storage Technology 2024-11-21 4.6 MEDIUM 7.8 HIGH
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
CVE-2018-3634 1 Intel 1 Online Connect Access 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access.
CVE-2018-3632 1 Intel 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system.
CVE-2018-3629 1 Intel 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more 2024-11-21 3.3 LOW 6.5 MEDIUM
Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet.
CVE-2018-3628 1 Intel 17 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 14 more 2024-11-21 8.3 HIGH 8.8 HIGH
Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.
CVE-2018-3627 2 Intel, Netapp 26 Converged Security Management Engine Firmware, Core I3, Core I5 and 23 more 2024-11-21 4.6 MEDIUM 8.2 HIGH
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
CVE-2018-3626 3 Intel, Linux, Microsoft 3 Sgx Sdk, Linux Kernel, Windows 2024-11-21 1.9 LOW 4.7 MEDIUM
Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information.