Filtered by vendor Intel
Subscribe
Total
1494 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32576 | 1 Intel | 1 Unite | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-31477 | 1 Intel | 70 Cm11ebc4w, Cm11ebc4w Firmware, Cm11ebi38w and 67 more | 2023-11-07 | N/A | 4.4 MEDIUM |
| Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2022-30338 | 1 Intel | 1 Virtual Raid On Cpu | 2023-11-07 | N/A | 7.8 HIGH |
| Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-29919 | 1 Intel | 1 Virtual Raid On Cpu | 2023-11-07 | N/A | 7.8 HIGH |
| Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-29887 | 1 Intel | 1 Manageability Commander | 2023-11-07 | N/A | 9.6 CRITICAL |
| Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-29871 | 1 Intel | 431 Atom X5-e3930, Atom X5-e3940, Atom X6200fe and 428 more | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-29508 | 1 Intel | 1 Virtual Raid On Cpu | 2023-11-07 | N/A | 7.8 HIGH |
| Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-28699 | 1 Intel | 38 Nuc7cjyh, Nuc7cjyh Firmware, Nuc7cjyhn and 35 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-27879 | 1 Intel | 142 Atom X5-e3930, Atom X5-e3930 Firmware, Atom X5-e3940 and 139 more | 2023-11-07 | N/A | 4.4 MEDIUM |
| Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2022-27635 | 3 Debian, Fedoraproject, Intel | 17 Debian Linux, Fedora, Killer and 14 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-27180 | 1 Intel | 1 Maccpuid | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25976 | 1 Intel | 1 Virtual Raid On Cpu | 2023-11-07 | N/A | 5.5 MEDIUM |
| Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-25864 | 1 Intel | 1 Oneapi Math Kernel Library | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21804 | 1 Intel | 1 Quickassist Technology | 2023-11-07 | N/A | 7.8 HIGH |
| Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21239 | 1 Intel | 1 Quickassist Technology | 2023-11-07 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-21166 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-21162 | 1 Intel | 1 Nuc Hdmi Firmware Update Tool | 2023-11-07 | N/A | 7.3 HIGH |
| Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21125 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-21123 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-44228 | 11 Apache, Bentley, Cisco and 8 more | 156 Log4j, Synchro, Synchro 4d and 153 more | 2023-11-07 | 9.3 HIGH | 10.0 CRITICAL |
| Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | |||||