Vulnerabilities (CVE)

Filtered by vendor Intel Subscribe
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-12131 1 Intel 3 Client Nvme, Datacenter Nvme, Rapid Storage Technology 2024-11-21 4.6 MEDIUM 7.8 HIGH
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
CVE-2018-12130 2 Fedoraproject, Intel 3 Fedora, Microarchitectural Fill Buffer Data Sampling, Microarchitectural Fill Buffer Data Sampling Firmware 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
CVE-2018-12127 2 Fedoraproject, Intel 3 Fedora, Microarchitectural Load Port Data Sampling, Microarchitectural Load Port Data Sampling Firmware 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
CVE-2018-12126 2 Fedoraproject, Intel 3 Fedora, Microarchitectural Store Buffer Data Sampling, Microarchitectural Store Buffer Data Sampling Firmware 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
CVE-2018-10932 1 Intel 1 Lldptool 2024-11-21 3.3 LOW 4.3 MEDIUM
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
CVE-2017-5927 5 Allwinner, Amd, Intel and 2 more 20 A64, Athlon Ii 640 X4, E-350 and 17 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVE-2017-5926 5 Allwinner, Amd, Intel and 2 more 20 A64, Athlon Ii 640 X4, E-350 and 17 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVE-2017-5925 5 Allwinner, Amd, Intel and 2 more 20 A64, Athlon Ii 640 X4, E-350 and 17 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVE-2017-5754 2 Arm, Intel 209 Cortex-a, Atom C, Atom E and 206 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753 13 Arm, Canonical, Debian and 10 more 387 Cortex-a12, Cortex-a12 Firmware, Cortex-a15 and 384 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5738 1 Intel 1 Unite 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.
CVE-2017-5736 1 Intel 1 Software Guard Extensions Platform Software Component 2024-11-21 7.2 HIGH 8.8 HIGH
An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator.
CVE-2017-5729 1 Intel 16 Active Management Technology Firmware, Dual Band Wireless-ac 3160, Dual Band Wireless-ac 3165 and 13 more 2024-11-21 5.8 MEDIUM 7.4 HIGH
Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.
CVE-2017-5727 1 Intel 1 Graphics Driver 2024-11-21 7.2 HIGH 7.8 HIGH
Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.
CVE-2017-5722 1 Intel 10 Nuc7i3bnh, Nuc7i3bnh Firmware, Nuc7i3bnk and 7 more 2024-11-21 4.4 MEDIUM 7.5 HIGH
Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.
CVE-2017-5721 1 Intel 10 Nuc7i3bnh, Nuc7i3bnh Firmware, Nuc7i3bnk and 7 more 2024-11-21 4.4 MEDIUM 7.5 HIGH
Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.
CVE-2017-5719 1 Intel 1 Deep Learning Training Tool 2024-11-21 7.5 HIGH 9.8 CRITICAL
A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.
CVE-2017-5717 1 Intel 1 Graphics Driver 2024-11-21 7.2 HIGH 7.8 HIGH
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.
CVE-2017-5715 7 Arm, Canonical, Debian and 4 more 221 Cortex-a, Ubuntu Linux, Debian Linux and 218 more 2024-11-21 1.9 LOW 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5712 3 Asus, Intel, Siemens 394 B150-a, B150-a Firmware, B150-plus and 391 more 2024-11-21 9.0 HIGH 7.2 HIGH
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.