Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-3628

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-10 Jul, 2018 | 21:00
Updated At-05 Aug, 2024 | 04:50
Rejected At-
Credits

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:10 Jul, 2018 | 21:00
Updated At:05 Aug, 2024 | 04:50
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.

Affected Products
Vendor
Intel CorporationIntel Corporation
Product
Intel Active Management Technology
Versions
Affected
  • 3.x,4.x,5.x,6.x,7.x,8.x,9.x,10.x,11.x
Problem Types
TypeCWE IDDescription
textN/AElevation of Privilege
Type: text
CWE ID: N/A
Description: Elevation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1041362
vdb-entry
x_refsource_SECTRACK
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190327-0001/
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1041362
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
Resource:
x_refsource_CONFIRM
Hyperlink: https://security.netapp.com/advisory/ntap-20190327-0001/
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1041362
vdb-entry
x_refsource_SECTRACK
x_transferred
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
x_refsource_CONFIRM
x_transferred
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
x_refsource_CONFIRM
x_transferred
https://security.netapp.com/advisory/ntap-20190327-0001/
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id/1041362
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20190327-0001/
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:10 Jul, 2018 | 21:29
Updated At:24 Aug, 2020 | 17:37

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.08.3HIGH
AV:A/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 8.3
Base severity: HIGH
Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Intel Corporation
intel
>>active_management_technology_firmware>>Versions from 3.0(inclusive) to 11.22.70(inclusive)
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e4300
cpe:2.3:h:intel:core_2_duo:e4300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e4400
cpe:2.3:h:intel:core_2_duo:e4400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e4500
cpe:2.3:h:intel:core_2_duo:e4500:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e4600
cpe:2.3:h:intel:core_2_duo:e4600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e4700
cpe:2.3:h:intel:core_2_duo:e4700:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6300
cpe:2.3:h:intel:core_2_duo:e6300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6320
cpe:2.3:h:intel:core_2_duo:e6320:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6400
cpe:2.3:h:intel:core_2_duo:e6400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6420
cpe:2.3:h:intel:core_2_duo:e6420:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6540
cpe:2.3:h:intel:core_2_duo:e6540:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6550
cpe:2.3:h:intel:core_2_duo:e6550:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6600
cpe:2.3:h:intel:core_2_duo:e6600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6700
cpe:2.3:h:intel:core_2_duo:e6700:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6750
cpe:2.3:h:intel:core_2_duo:e6750:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e6850
cpe:2.3:h:intel:core_2_duo:e6850:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e7200
cpe:2.3:h:intel:core_2_duo:e7200:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e7300
cpe:2.3:h:intel:core_2_duo:e7300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e7400
cpe:2.3:h:intel:core_2_duo:e7400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e7500
cpe:2.3:h:intel:core_2_duo:e7500:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e7600
cpe:2.3:h:intel:core_2_duo:e7600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8190
cpe:2.3:h:intel:core_2_duo:e8190:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8200
cpe:2.3:h:intel:core_2_duo:e8200:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8300
cpe:2.3:h:intel:core_2_duo:e8300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8400
cpe:2.3:h:intel:core_2_duo:e8400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8500
cpe:2.3:h:intel:core_2_duo:e8500:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>e8600
cpe:2.3:h:intel:core_2_duo:e8600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>l7200
cpe:2.3:h:intel:core_2_duo:l7200:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>l7300
cpe:2.3:h:intel:core_2_duo:l7300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>l7400
cpe:2.3:h:intel:core_2_duo:l7400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>l7500
cpe:2.3:h:intel:core_2_duo:l7500:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>l7700
cpe:2.3:h:intel:core_2_duo:l7700:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p7350
cpe:2.3:h:intel:core_2_duo:p7350:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p7370
cpe:2.3:h:intel:core_2_duo:p7370:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p7450
cpe:2.3:h:intel:core_2_duo:p7450:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p7550
cpe:2.3:h:intel:core_2_duo:p7550:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p7570
cpe:2.3:h:intel:core_2_duo:p7570:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p8400
cpe:2.3:h:intel:core_2_duo:p8400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p8600
cpe:2.3:h:intel:core_2_duo:p8600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p8700
cpe:2.3:h:intel:core_2_duo:p8700:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p8800
cpe:2.3:h:intel:core_2_duo:p8800:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p9500
cpe:2.3:h:intel:core_2_duo:p9500:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p9600
cpe:2.3:h:intel:core_2_duo:p9600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>p9700
cpe:2.3:h:intel:core_2_duo:p9700:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sl9300
cpe:2.3:h:intel:core_2_duo:sl9300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sl9380
cpe:2.3:h:intel:core_2_duo:sl9380:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sl9400
cpe:2.3:h:intel:core_2_duo:sl9400:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sl9600
cpe:2.3:h:intel:core_2_duo:sl9600:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sp9300
cpe:2.3:h:intel:core_2_duo:sp9300:*:*:*:*:*:*:*
Intel Corporation
intel
>>core_2_duo>>sp9400
cpe:2.3:h:intel:core_2_duo:sp9400:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securitytracker.com/id/1041362secure@intel.com
Third Party Advisory
VDB Entry
https://security.netapp.com/advisory/ntap-20190327-0001/secure@intel.com
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_ussecure@intel.com
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.htmlsecure@intel.com
Vendor Advisory
Hyperlink: http://www.securitytracker.com/id/1041362
Source: secure@intel.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://security.netapp.com/advisory/ntap-20190327-0001/
Source: secure@intel.com
Resource:
Third Party Advisory
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
Source: secure@intel.com
Resource:
Third Party Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

161Records found
CVE-2022-23182
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 52.01%
||
7 Day CHG+0.06%
Published-18 Aug, 2022 | 19:52
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) Data Center Manager software
CVE-2021-0163
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Validation of Consistency within input in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0071
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.66%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:29
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ac_8265ac_9462ac_3165_firmwareac_9560_firmwareac_8265_firmwareax200ac_3165ac_9461ac_8260ac_9260ac_9461_firmware9260_firmwareac_3168ac_9462_firmwareac_9560ax200_firmware7265_firmwareac_3168_firmwareax201ax210_firmwareax201_firmwareac_9260_firmwareac_8260_firmwareax2107265Intel(R) PROSet/Wireless WiFi in UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33115
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.51% / 65.46%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uefi_wifi_driverac_9461ac_7265ac_3168ac_9560ac_8260ac_8265ac_9260ax201ax210ax200ac_3165ac_9462Intel(R) PROSet/Wireless WiFi in UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26675
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.56%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:47
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

Action-Not Available
Vendor-n/aIntel CorporationopenSUSEDebian GNU/Linux
Product-connmandebian_linuxleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-12313
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.33% / 55.57%
||
7 Day CHG~0.00%
Published-13 Nov, 2020 | 20:00
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-ac_8265proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi
CVE-2020-12321
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 51.48%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:12
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9560wi-fi_6_ax201_firmwarewireless-ac_9461_firmwaredual_band_wireless-ac_8260_firmwaredual_band_wireless-ac_8265_firmwarewireless-ac_9260_firmwarewireless-ac_9462_firmwarewireless-ac_9560_firmwarewi-fi_6_ax200dual_band_wireless-ac_8265wireless-ac_9462wireless-ac_9461dual_band_wireless-ac_3168_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201dual_band_wireless-ac_3165wireless_7265_\(rev_d\)_firmwaredual_band_wireless-ac_8260wireless_7265_\(rev_d\)dual_band_wireless-ac_3168wireless-ac_9260dual_band_wireless-ac_3165_firmwareIntel(R) Wireless Bluetooth(R)
CVE-2019-11088
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.02%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0101
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.63%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:00
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-efi_bios_7215server_board_m10jnp2sbIntel(R) Server BoardM10JNP2SB
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8706
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.12%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:55
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8708
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.35% / 56.43%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:23
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-287
Improper Authentication
CVE-2020-8732
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.27%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:52
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8749
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.48%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:09
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-0578
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.78%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check for Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_mfs2600ki_firmwarecompute_module_mfs2600kiIntel(R) Modular Server Compute Module
CVE-2020-8713
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.35% / 56.62%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:53
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-287
Improper Authentication
CVE-2020-0577
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 51.89%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow for Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_mfs2600ki_firmwarecompute_module_mfs2600kiIntel(R) Modular Server Compute Module
CVE-2023-32641
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.09% / 26.88%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11152
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 40.37%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:55
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9560wireless-n_7265wi-fi_6_ax201_firmwarewireless-ac_9461_firmwaredual_band_wireless-ac_8260_firmwaredual_band_wireless-ac_8265_firmwarewireless-ac_9260_firmwaredual_band_wireless-ac_7265wireless-ac_9462_firmwarewireless-ac_9560_firmwaredual_band_wireless-ac_7265_firmwarewi-fi_6_ax200wireless-ac_9462dual_band_wireless-n_7265wireless-ac_9461dual_band_wireless-ac_3168_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168dual_band_wireless-ac_3165_firmwaredual_band_wireless-n_7265_firmwaredual_band_wireless-ac_8265wireless-n_7265_firmwareIntel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-0140
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.37% / 57.95%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:20
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-0169
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.00%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:07
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) TXE
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-3679
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.6||CRITICAL
EPSS-0.38% / 58.36%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges.

Action-Not Available
Vendor-Intel Corporation
Product-data_center_managerIntel(R) Data Center Manager SDK
CVE-2022-21139
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.62%
||
7 Day CHG+0.08%
Published-18 Aug, 2022 | 19:41
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_6e_ax411_firmwarewireless-ac_9461wireless-ac_9560_firmwarewireless-ac_9260_firmwarewireless-ac_9260wi-fi_6e_ax211_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201_firmwarewi-fi_6e_ax411proset_wi-fi_6e_ax210proset_wi-fi_6e_ax210_firmwarewireless-ac_9462wireless-ac_9462_firmwarewi-fi_6_ax200wi-fi_6_ax201wireless-ac_9461_firmwarewireless-ac_9560wi-fi_6e_ax211Intel(R) PROSet/Wireless WiFi products
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2022-33942
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.15% / 36.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2021-0070
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.11% / 30.57%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:00
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-efi_bios_7215server_board_m10jnp2sbIntel(R) Server Board M10JNP2SB
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0162
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 44.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8709
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.35% / 56.43%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:52
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-287
Improper Authentication
CVE-2020-8707
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.12%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:27
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-28410
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-18 Mar, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-i915_graphicsIntel(R) i915 Graphics drivers for linux
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12210
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 32.03%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.

Action-Not Available
Vendor-Microsoft CorporationIntel Corporation
Product-graphics_driverwindowsIntel(R) Graphics Driver for Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-27506
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optimization_for_tensorflowIntel(R) Optimization for Tensorflow software
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12159
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset\/wirelessn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-25545
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.19%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_m50cyp2ur208server_system_d50tnp2mfalacserver_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-22297
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-22313
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-2.3||LOW
EPSS-0.04% / 11.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-02 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technology_libraryqat_driverquickassist_technology_driverquickassist_technology_driver_firmwareqat_driver_firmwareIntel(R) QAT Library software
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-21237
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.01%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi30l_firmwarenuc11dbbi7_firmwarenuc_9_pro_compute_element_nuc9vxqnb_firmwarenuc_11_pro_kit_nuc11tnki7nuc11pa_firmwarenuc8i3cysnnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_11_compute_element_cm11ebi58w_firmwarenuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_8_compute_element_cm8pcbnuc_8_compute_element_cm8pcb_firmwarelapkc71fnuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_board_nuc11tnbi7nuc_11_compute_element_cm11ebc4w_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnki5nuc_kit_nuc8i5benuc8i3cysmlapbc710nuc_11_pro_kit_nuc11tnhi50znuc_8_compute_element_cm8i3cbnuc8i3cysn_firmwarenuc_kit_nuc8i5be_firmwarenuc11pahnuc_11_pro_board_nuc11tnbi30z_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_compute_element_cm8ccbnuc11dbbi9_firmwarenuc_11_pro_board_nuc11tnbi5nuc_9_pro_compute_element_nuc9v7qnblapbc710_firmwarelapkc51enuc_11_pro_kit_nuc11tnki3nuc_11_pro_kit_nuc11tnki70znuc_8_compute_element_cm8i7cblapkc71f_firmwarenuc_11_enthusiast_kit_nuc11phki7cnuc11panuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50lnuc_8_compute_element_cm8i7cb_firmwarenuc9i9qnnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi50w_firmwarelapbc510_firmwarenuc_11_compute_element_cm11ebi716wnuc_11_pro_kit_nuc11tnki30znuc_kit_nuc8i3b_firmwarenuc11btmi9nuc11btmi7nuc9i7qnnuc9i7qn_firmwarenuc_8_compute_element_cm8i5cb_firmwarenuc_11_compute_element_cm11ebi38w_firmwarenuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi70znuc9i5qn_firmwarenuc_kit_nuc8i7be_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc8i3cysm_firmwarelapkc71e_firmwarenuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnki50z_firmwarenuc11paq_firmwarenuc_11_pro_board_nuc11tnbi3_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_kit_nuc8i3bnuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caanuc11btmi9_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnhi3nuc_11_enthusiast_kit_nuc11phki7c_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_kit_nuc11tnhi7nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_kit_nuc11tnki5_firmwarelapbc510nuc_11_pro_kit_nuc11tnki3_firmwarenuc_8_compute_element_cm8i5cbnuc_11_pro_kit_nuc11tnhi70q_firmwarenuc11pah_firmwarenuc_8_compute_element_cm8i3cb_firmwarelapkc51e_firmwarenuc_11_compute_element_cm11ebi716w_firmwarenuc11paqnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_11_pro_kit_nuc11tnki70z_firmwarenuc_9_pro_kit_nuc9v7qnxnuc_11_compute_element_cm11ebi58wnuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_compute_element_cm11ebc4wnuc11dbbi9nuc11btmi7_firmwarenuc_11_pro_kit_nuc11tnhi50wnuc_kit_nuc8i7benuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_8_compute_element_cm8ccb_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caa_firmwarenuc9i5qnnuc11dbbi7nuc9i9qn_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_9_pro_compute_element_nuc9vxqnblapkc71enuc_11_compute_element_cm11ebi38wIntel(R) NUCs
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12865
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.76% / 87.57%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.

Action-Not Available
Vendor-n/aDebian GNU/LinuxIntel Corporation
Product-debian_linuxconnmann/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-41808
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.3||LOW
EPSS-0.06% / 17.58%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel QAT Driver for Linux
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-8104
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.55%
||
7 Day CHG~0.00%
Published-08 Dec, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service.

Action-Not Available
Vendor-Intel Corporation
Product-proset\/wireless_software_and_driversIntel PROSet/Wireless Software and Drivers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-23980
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.73%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:46
Updated-20 Aug, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-UEFI firmware for some Intel(R) Server D50FCP Family productsserver_system_d50tnp2mhsvac_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-41342
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.05% / 16.30%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 18:58
Updated-27 Jan, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-c\+\+_compilerIntel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3635
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-4.27% / 88.38%
||
7 Day CHG~0.00%
Published-10 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationIntel Corporation
Product-windows_vistawindows-ntwindows_xpquicktimeindeon/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-36372
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 11.68%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-09 Oct, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_enthusiast_nuc8i7hvkva_firmwarenuc_business_nuc8i7hnkqc_firmwarenuc_8_compute_element_cm8ccb4rnuc_kit_nuc8i7hnkqcnuc_pro_kit_nuc8i3pnh_firmwarenuc_business_nuc8i7hnkqcnuc_pro_compute_element_nuc9v7qnb_firmwarenuc_pro_compute_element_nuc9v7qnx_firmwarenuc_8_compute_element_cm8i3cb4nnuc_rugged_kit_nuc8cchbnnuc_8_compute_element_cm8i7cb8nnuc_kit_nuc8i7hnknuc_rugged_kit_nuc8cchkrnuc_business_nuc8i7hvkva_firmwarenuc_enthusiast_nuc8i7hvkvanuc_8_compute_element_cm8i5cb8nnuc_pro_board_nuc8i3pnh_firmwarenuc_kit_nuc8i7hvknuc_pro_compute_element_nuc9v7qnbnuc_pro_compute_element_nuc9vxqnb_firmwarenuc_business_nuc8i7hvkvanuc_kit_nuc8i7hnk_firmwarenuc_pro_kit_nuc8i3pnknuc_enthusiast_nuc8i7hnknuc_pro_compute_element_nuc9vxqnxnuc_pro_board_nuc8i3pnk_firmwarenuc_business_nuc8i7hvkvawnuc_business_nuc8i7hnknuc_kit_nuc8i7hvkvawnuc_8_compute_element_cm8pcb4r_firmwarenuc_pro_board_nuc8i3pnb_firmwarenuc_pro_board_nuc8i3pnhnuc_8_compute_element_cm8ccb4r_firmwarenuc_enthusiast_nuc8i7hnkqcnuc_business_nuc8i7hnk_firmwarenuc_rugged_kit_nuc8cchbn_firmwarenuc_kit_nuc8i7hvk_firmwarenuc_8_compute_element_cm8pcb4rnuc_pro_kit_nuc8i3pnbnuc_enthusiast_nuc8i7hvkvaw_firmwarenuc_rugged_kit_nuc8cchbnuc_enthusiast_nuc8i7hvknuc_kit_nuc8i7hvkva_firmwarenuc_pro_kit_nuc8i3pnb_firmwarenuc_8_compute_element_cm8i3cb4n_firmwarenuc_rugged_kit_nuc8cchkr_firmwarenuc_kit_nuc8i7hvkvanuc_pro_kit_nuc8i3pnk_firmwarenuc_enthusiast_nuc8i7hvk_firmwarenuc_business_nuc8i7hvk_firmwarenuc_kit_nuc8i7hnkqc_firmwarenuc_8_compute_element_cm8i7cb8n_firmwarenuc_8_compute_element_cm8i5cb8n_firmwarenuc_kit_nuc8i7hvkvaw_firmwarenuc_rugged_kit_nuc8cchb_firmwarenuc_enthusiast_nuc8i7hnk_firmwarenuc_pro_compute_element_nuc9vxqnx_firmwarenuc_pro_board_nuc8i3pnknuc_pro_kit_nuc8i3pnhnuc_pro_board_nuc8i3pnbnuc_pro_compute_element_nuc9v7qnxnuc_pro_compute_element_nuc9vxqnbnuc_rugged_kit_nuc8cchkrn_firmwarenuc_rugged_kit_nuc8cchkrnnuc_enthusiast_nuc8i7hvkvawnuc_business_nuc8i7hvkvaw_firmwarenuc_enthusiast_nuc8i7hnkqc_firmwarenuc_business_nuc8i7hvkIntel(R) NUC BIOS firmwarebios
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34841
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.08% / 24.09%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_software_development_kitIntel(R) Media SDK software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-29510
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.55%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bps24compute_module_hns2600bpblc24rserver_board_s2600bpsserver_board_s2600bpqrcompute_module_hns2600bps_firmwarecompute_module_hns2600bpcompute_module_hns2600bpq24_firmwarecompute_module_hns2600bpb24rcompute_module_hns2600bpq_firmwarecompute_module_hns2600bpblc24_firmwareserver_board_s2600bpqr_firmwareserver_system_vrn2224bphy6compute_module_hns2600bpq24r_firmwarecompute_module_hns2600bps24rcompute_module_hns2600bpbserver_board_s2600bpb_firmwarecompute_module_hns2600bpsrserver_system_m70klp4s2uhhserver_system_vrn2224bphy6_firmwarecompute_module_hns2600bpblc_firmwarecompute_module_hns2600bpbrctcompute_module_hns2600bpblcrcompute_module_hns2600bpbr_firmwareserver_system_m20ntp1ur304server_system_vrn2224bpaf6compute_module_hns2600bpqrcompute_module_hns2600bpbrserver_system_vrn2224bpaf6_firmwarecompute_module_hns2600bpb_firmwarecompute_module_hns2600bpr_firmwareserver_board_m20ntp2sbserver_board_m10jnp2sb_firmwareserver_board_s2600bpbrserver_system_m70klp4s2uhh_firmwarecompute_module_hns2600bps24_firmwareserver_board_m70klp2sbcompute_module_hns2600bps24r_firmwareserver_system_zsb2224bpaf2compute_module_hns2600bprcompute_module_hns2600bp_firmwarecompute_module_hns2600bpsr_firmwarecompute_module_hns2600bpb24_firmwareserver_system_mcb2208wfaf5_firmwareserver_board_s2600bpbr_firmwarecompute_module_hns2600bpqcompute_module_hns2600bpblcr_firmwarecompute_module_hns2600bpblc24server_board_s2600bpbserver_system_zsb2224bphy1_firmwareserver_system_m20ntp1ur304_firmwarecompute_module_hns2600bpblc24r_firmwareserver_board_m70klp2sb_firmwareserver_board_s2600bpqserver_board_m10jnp2sbserver_system_zsb2224bpaf1server_board_s2600bpq_firmwarecompute_module_hns2600bpblcserver_system_zsb2224bpaf1_firmwareserver_board_s2600bpsrcompute_module_hns2600bpqr_firmwareserver_board_s2600bps_firmwarecompute_module_hns2600bpb24r_firmwarecompute_module_hns2600bpsserver_board_s2600bpsr_firmwarecompute_module_hns2600bpb24server_system_zsb2224bphy1compute_module_hns2600bpbrct_firmwareserver_system_zsb2224bpaf2_firmwarecompute_module_hns2600bpq24rcompute_module_hns2600bpq24server_board_m20ntp2sb_firmwareserver_system_mcb2208wfaf5Intel(R) Server Board M10JNP2SB BIOS firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-29486
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hyperscanHyperscan library maintained by Intel(R)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-33847
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.54%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:43
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_6_ax210wireless-ac_9461wireless-ac_9560_firmwarewireless-ac_9260_firmwaredual_band_wireless-ac_3168killer_wi-fi_6_ax1650dual_band_wireless-ac_3165_firmwarewi-fi_6_ax211wi-fi_6_ax200_firmwarewi-fi_6_ax210_firmwarewi-fi_6_ax201_firmwarewi-fi_6_ax411_firmwaredual_band_wireless-ac_8265killer_wi-fi_6_ax1650_firmwarewireless-ac_9462wi-fi_6_ax411dual_band_wireless-ac_3165wireless-ac_9462_firmwarewi-fi_6_ax211_firmwarewi-fi_6_ax200dual_band_wireless-ac_3168_firmwarekiller_wi-fi_6e_ax1690_firmwarewireless-ac_9260killer_wireless-ac_1550dual_band_wireless-ac_8260_firmwarekiller_wi-fi_6e_ax1675_firmwarewireless_7265killer_wi-fi_6e_ax1675killer_wireless-ac_1550_firmwarekiller_wi-fi_6e_ax1690dual_band_wireless-ac_8260wireless_7265_firmwaredual_band_wireless-ac_8265_firmwarewi-fi_6_ax201wireless-ac_9461_firmwarewireless-ac_9560Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-48368
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.01% / 1.92%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_sdkIntel(R) Media SDK softwaremedia_sdk
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2021-26257
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.54%
||
7 Day CHG-0.14%
Published-18 Aug, 2022 | 19:44
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_6_ax210wireless-ac_9461wireless-ac_9560_firmwarewireless-ac_9260_firmwaredual_band_wireless-ac_3168killer_wi-fi_6_ax1650dual_band_wireless-ac_3165_firmwarewi-fi_6_ax211wi-fi_6_ax200_firmwarewi-fi_6_ax210_firmwarewi-fi_6_ax201_firmwarewi-fi_6_ax411_firmwaredual_band_wireless-ac_8265killer_wi-fi_6_ax1650_firmwarewireless-ac_9462wi-fi_6_ax411dual_band_wireless-ac_3165wireless-ac_9462_firmwarewi-fi_6_ax211_firmwarewi-fi_6_ax200dual_band_wireless-ac_3168_firmwarekiller_wi-fi_6e_ax1690_firmwarewireless-ac_9260killer_wireless-ac_1550dual_band_wireless-ac_8260_firmwarekiller_wi-fi_6e_ax1675_firmwarewireless_7265killer_wi-fi_6e_ax1675killer_wireless-ac_1550_firmwarekiller_wi-fi_6e_ax1690dual_band_wireless-ac_8260wireless_7265_firmwaredual_band_wireless-ac_8265_firmwarewi-fi_6_ax201wireless-ac_9461_firmwarewireless-ac_9560Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-12373
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.46%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:54
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hns2600bpb24rr1304wftysrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprhns2600bpbr1304wftyshns2600bpqr2224wfqzsr1000wfhns2600bpblc24rs2600bpqrhns2600bpbrs2600stqhns2600bpblcr2308wftzshns2600bpsrr1208wftysrr2208wf0zsr2208wftzsr2312wf0npr1208wfqysrr2224wftzsrr2208wfqzsrs2600stbr2224wftzsr2312wftzsrr2308wftzsrs2600wf0bmc_firmwarehns2600bps24rhns2600bpqrs2600wfqr2208wfqzshns2600bpshns2600bpq24rhns2600bpb24hns2600bps24r1304wf0ysrhns2600bpq24s2600wfts2600bpbrhns2600bpblc24s2600bpsrr2312wfqzsr2312wftzsIntel(R) Graphics Drivers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-12365
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.17%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 14:03
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found