Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-11111

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2019 | 19:04
Updated At-04 Aug, 2024 | 22:48
Rejected At-
Credits

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2019 | 19:04
Updated At:04 Aug, 2024 | 22:48
Rejected At:
▼CVE Numbering Authority (CNA)

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
Versions
Affected
  • See provided reference
Problem Types
TypeCWE IDDescription
textN/AEscalation of Privilege
Type: text
CWE ID: N/A
Description: Escalation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20200320-0005/
x_refsource_CONFIRM
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Resource:
x_refsource_MISC
Hyperlink: https://security.netapp.com/advisory/ntap-20200320-0005/
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
x_refsource_MISC
x_transferred
https://security.netapp.com/advisory/ntap-20200320-0005/
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20200320-0005/
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2019 | 20:15
Updated At:10 Nov, 2022 | 03:41

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>graphics_driver>>Versions before 15.36.37.5074(exclusive)
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:windows:*:*
NetApp, Inc.
netapp
>>cloud_backup>>-
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>data_availability_services>>-
cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>steelstore_cloud_integrated_storage>>-
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>solidfire_baseboard_management_controller_firmware>>-
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>solidfire_baseboard_management_controller>>-
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Primarynvd@nist.gov
CWE ID: CWE-476
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.netapp.com/advisory/ntap-20200320-0005/secure@intel.com
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20200320-0005/
Source: secure@intel.com
Resource:
Third Party Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

935Records found
CVE-2023-2598
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.64% / 69.66%
||
7 Day CHG~0.00%
Published-01 Jun, 2023 | 00:00
Updated-23 Apr, 2025 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.
Product-linux_kernelhci_baseboard_management_controllerKernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-25944
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.07%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vcust_toolIntel(R) VCUST Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-25773
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.58%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) Hub software installer for Windows
CWE ID-CWE-284
Improper Access Control
CVE-2024-38668
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.21%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-quartus_primewindowsIntel(R) Quartus(R) Prime Standard Edition software for Windowsquartus_prime_standard_edition_design_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-24592
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.15% / 35.88%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-02 Aug, 2024 | 11:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitmpi_libraryoneapi_hpc_toolkitinspectoradvisorIntel(R) oneAPI Toolkits and Component software
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-25174
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.51%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-12 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-chipset_device_softwareIntel(R) Chipset Driver Software
CWE ID-CWE-284
Improper Access Control
CVE-2023-24460
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.12% / 31.19%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software installersgraphics_performance_analyzer
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-24591
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.82%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Apr, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Binary Configuration Tool software before version 3.4.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-binary_configuration_toolIntel(R) Binary Configuration Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-25075
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-02 Aug, 2024 | 11:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_configuration_utilityIntel Server Configuration Utility software
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-25182
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.05% / 14.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) Client software for Mac
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-23580
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.08% / 24.47%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectoroneapi_hpc_toolkitIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23569
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.56%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectoroneapi_hpc_toolkitIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23910
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-3.9||LOW
EPSS-0.05% / 16.24%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectoroneapi_hpc_toolkitIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23583
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.04% / 8.73%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxNetApp, Inc.
Product-core_i5-1145gre_firmwarexeon_d-2796tecore_i7-11850he_firmwarexeon_d-1627_firmwarecore_i7-11370h_firmwarexeon_d-2738core_i7-11700fxeon_platinum_8362core_i7-1160g7core_i5-1035g7xeon_gold_6338core_i7-10850hxeon_d-2777nxxeon_d-1527xeon_gold_6338t_firmwarexeon_d-2766ntcore_i7-1185grecore_i3-1125g4_firmwarecore_i7-11375hcore_i7-11800h_firmwarecore_i7-10870h_firmwarexeon_silver_4309yxeon_platinum_8352yxeon_platinum_8380h_firmwarecore_i3-1110g4_firmwarexeon_platinum_8360hl_firmwarecore_i5-11600_firmwarexeon_d-1746ter_firmwarexeon_gold_6354_firmwarexeon_d-2163it_firmwarecore_i5-1140g7_firmwarecore_i3-1110g4core_i5-10210uxeon_gold_6326xeon_d-2776ntxeon_d-1527_firmwarexeon_d-1521_firmwarexeon_d-2798ntxeon_d-1733ntxeon_gold_5317_firmwarecore_i5-10200hxeon_d-1557_firmwarexeon_d-2775te_firmwarecore_i9-11900kf_firmwarexeon_d-2766nt_firmwarexeon_silver_4316core_i5-1035g4core_i5-10400hcore_i7-11700xeon_d-1518xeon_gold_5318y_firmwarecore_i7-10510u_firmwarexeon_d-1714core_i3-10100yxeon_d-2799_firmwarexeon_d-2745nx_firmwarexeon_d-2143itxeon_gold_6348_firmwarexeon_d-2163itcore_i7-11370hcore_i5-10310uxeon_gold_5318s_firmwarecore_i9-11900txeon_d-1734nt_firmwarexeon_d-2161i_firmwarexeon_d-2779_firmwarecore_i7-1195g7_firmwarecore_i5-11600tcore_i5-10310y_firmwarexeon_d-1567_firmwarecore_i7-11850hxeon_d-1567core_i9-11900xeon_d-2777nx_firmwarecore_i7-10510yxeon_platinum_8380hcore_i7-1185g7e_firmwarexeon_d-2173it_firmwarecore_i3-10110ucore_i7-11800hxeon_platinum_8376hxeon_d-1746terxeon_gold_6312u_firmwarexeon_gold_6330xeon_platinum_8362_firmwarecore_i5-10310u_firmwarexeon_silver_4310t_firmwarexeon_d-1531_firmwarexeon_gold_6314ucore_i7-10610u_firmwarexeon_d-2123it_firmwarecore_i5-1155g7core_i7-10710u_firmwarexeon_d-1715tercore_i9-11950hcore_i7-11850hecore_i5-11600core_i5-10300hxeon_d-1571xeon_d-1736_firmwarexeon_platinum_8353hcore_i9-10980hkxeon_gold_6348hcore_i3-1005g1_firmwarexeon_gold_6338_firmwarexeon_d-2173itcore_i7-11700txeon_d-2123itxeon_d-1731nte_firmwarecore_i7-10510ucore_i3-10100y_firmwarexeon_d-2177nt_firmwarexeon_d-1627xeon_d-1533n_firmwarecore_i5-11400h_firmwarexeon_d-2796ntxeon_silver_4309y_firmwarecore_i9-11900hxeon_gold_5320hxeon_platinum_8358p_firmwarecore_i5-11600k_firmwarexeon_gold_5320xeon_platinum_8360yxeon_d-2779xeon_gold_6330h_firmwarexeon_d-1602core_i5-11500h_firmwarecore_i3-11100hecore_i9-11900kxeon_d-1712trxeon_d-1539xeon_d-2796te_firmwarefas9500_firmwarexeon_gold_6338txeon_d-1713ntecore_i7-11700k_firmwarexeon_d-2752ter_firmwarexeon_gold_5318sxeon_d-2733nt_firmwarexeon_d-1649n_firmwarexeon_d-2146ntxeon_d-1577_firmwarecore_i5-11500t_firmwarexeon_platinum_8356h_firmwarecore_i7-1160g7_firmwarexeon_d-2145nt_firmwarecore_i7-11600h_firmwarexeon_d-1726_firmwarexeon_d-2187ntxeon_d-1732texeon_d-2712txeon_d-1537_firmwarecore_i7-10750h_firmwarexeon_d-1541_firmwarecore_i3-1115gre_firmwarexeon_platinum_8380hlxeon_gold_5318nxeon_d-2166nt_firmwarecore_i9-10885hxeon_d-2166ntcore_i5-11400txeon_d-2776nt_firmwarexeon_d-1732te_firmwarecore_i7-1180g7_firmwarexeon_platinum_8358pcore_i5-11300hcore_i9-11900kfxeon_d-2712t_firmwarecore_i5-1145g7core_i3-1125g4xeon_gold_6328h_firmwarexeon_d-1623n_firmwarecore_i7-10750hxeon_d-1548_firmwarexeon_d-1713nte_firmwarexeon_gold_6328hl_firmwarexeon_gold_6342_firmwarexeon_gold_5317core_i7-10875hxeon_d-2183itxeon_platinum_8358_firmwarexeon_platinum_8352m_firmwarexeon_d-1622xeon_d-1559_firmwarexeon_gold_6348h_firmwarexeon_platinum_8356hcore_i9-11900k_firmwarecore_i5-10400h_firmwarexeon_d-2145ntcore_i5-1035g7_firmwarexeon_platinum_8360y_firmwarecore_i5-11400t_firmwarecore_i3-1115g4core_i7-11700f_firmwarefas2820_firmwarexeon_d-1529_firmwarexeon_d-1540_firmwarexeon_d-1637_firmwarexeon_gold_5318h_firmwarexeon_d-1733nt_firmwarexeon_d-2733ntxeon_gold_5320tcore_i5-10210ycore_i5-1140g7xeon_gold_6312uxeon_gold_5320h_firmwarexeon_d-2142it_firmwarexeon_d-2143it_firmwarecore_i5-10210u_firmwarexeon_d-1736xeon_d-1735trxeon_d-1513n_firmwarecore_i3-10110yxeon_d-2795nt_firmwarecore_i5-11400fxeon_d-2752ntexeon_d-1523n_firmwarecore_i5-11500_firmwarexeon_d-2753nt_firmwarexeon_gold_5318n_firmwarexeon_platinum_8352y_firmwarexeon_silver_4314core_i5-1145grecore_i7-1180g7core_i5-11600kfcore_i5-10500h_firmwarexeon_platinum_8358core_i7-11700kfxeon_gold_5315ycore_i7-10870hcore_i9-11950h_firmwarexeon_platinum_8352s_firmwarecore_i5-1035g1core_i5-11260h_firmwarexeon_platinum_8354hcore_i9-11900_firmwarecore_i5-11400f_firmwarexeon_silver_4310_firmwarexeon_gold_6338n_firmwarexeon_d-1718tcore_i3-10110y_firmwarecore_i5-1035g4_firmwarecore_i7-1185g7core_i7-1195g7core_i5-11500txeon_gold_6326_firmwarecore_i7-1165g7xeon_platinum_8351n_firmwarexeon_d-1523nxeon_d-2786nte_firmwarecore_i5-11600kcore_i9-11900h_firmwarecore_i7-11390hxeon_d-2786ntexeon_d-1540xeon_platinum_8368xeon_d-1653ncore_i7-11700kxeon_d-1528xeon_d-1637xeon_d-1577core_i7-11700_firmwarecore_i5-1130g7_firmwarexeon_d-1715ter_firmwarexeon_silver_4310txeon_platinum_8380core_i7-10710uxeon_d-2141ixeon_d-1541xeon_gold_6314u_firmwaredebian_linuxcore_i3-11100he_firmwarexeon_d-1543n_firmwarexeon_platinum_8351nxeon_platinum_8376hl_firmwarecore_i5-11500he_firmwarexeon_d-1633n_firmwarexeon_gold_6330n_firmwarecore_i5-1145g7_firmwarexeon_d-1722ne_firmwarexeon_gold_6336yxeon_platinum_8352vxeon_d-1747ntecore_i5-10210y_firmwarexeon_d-2757nx_firmwarexeon_d-1653n_firmwarexeon_d-1734ntcore_i5-11400hxeon_d-1735tr_firmwarexeon_d-1747nte_firmwarexeon_d-1553nxeon_d-1571_firmwarecore_i9-11900t_firmwarexeon_d-1633nxeon_platinum_8360hlcore_i5-11400_firmwarexeon_d-1548core_i9-11900fxeon_d-1649nxeon_d-1529xeon_platinum_8380_firmwarecore_i7-10510y_firmwarexeon_gold_6330_firmwarecore_i7-11600hcore_i7-11390h_firmwarecore_i9-11980hkxeon_d-1518_firmwarexeon_gold_5320_firmwarexeon_d-2738_firmwarecore_i7-1165g7_firmwarexeon_platinum_8380hl_firmwarexeon_platinum_8360h_firmwarexeon_d-2757nxxeon_d-1713ntcore_i3-1115g4e_firmwarexeon_gold_6354xeon_gold_6336y_firmwarexeon_d-1520xeon_d-2752tercore_i5-1130g7xeon_platinum_8354h_firmwarexeon_d-2799xeon_platinum_8352mcore_i3-1120g4xeon_d-2146nt_firmwarexeon_d-2795ntcore_i3-1120g4_firmwarecore_i5-10310yxeon_d-1739_firmwarexeon_gold_6330hxeon_d-1736ntxeon_d-1713nt_firmwarexeon_gold_5318hxeon_d-1520_firmwarecore_i5-10500hxeon_platinum_8376hlxeon_silver_4316_firmwarecore_i7-1185g7_firmwarexeon_d-2798nt_firmwarexeon_d-1623ncore_i7-10810u_firmwarecore_i5-11600kf_firmwarecore_i5-11320hxeon_d-1531core_i7-10810ucore_i7-11700kf_firmwarecore_i3-1115g4_firmwarexeon_d-1533ncore_i7-11375h_firmwarexeon_d-1722nexeon_gold_6346core_i7-10875h_firmwarecore_i3-1115grexeon_d-2142itcore_i5-11500hxeon_d-1718t_firmwarecore_i7-10610ucore_i5-1035g1_firmwarexeon_d-1622_firmwarexeon_gold_6338ncore_i7-1065g7_firmwarecore_i5-1135g7_firmwarexeon_d-2796nt_firmwareaffa900_firmwarexeon_platinum_8360hxeon_gold_5315y_firmwarecore_i5-11260hxeon_d-1749nt_firmwarexeon_d-1702_firmwarexeon_d-2161iaffa900core_i5-10300h_firmwarexeon_d-2141i_firmwarecore_i3-1115g4ecore_i7-11850h_firmwarexeon_gold_6348xeon_gold_6330ncore_i5-11600t_firmwarecore_i5-10200h_firmwarecore_i9-11900f_firmwarecore_i5-11300h_firmwarexeon_platinum_8368_firmwarecore_i9-11980hk_firmwarecore_i7-11700t_firmwarexeon_d-2798nxxeon_platinum_8352v_firmwarecore_i9-10885h_firmwarexeon_d-2745nxcore_i5-1145g7exeon_gold_5320t_firmwarecore_i5-11500hexeon_d-1748tecore_i5-1145g7e_firmwarexeon_silver_4310core_i7-1185gre_firmwarexeon_silver_4314_firmwarexeon_d-1513nxeon_d-1537xeon_gold_6334xeon_d-2187nt_firmwarexeon_d-2752nte_firmwarecore_i5-11500core_i5-1135g7xeon_d-1739fas2820core_i3-10110u_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_d-1539_firmwarexeon_d-1559xeon_d-1702xeon_d-1521fas9500xeon_gold_6342xeon_d-1748te_firmwarexeon_d-1749ntxeon_platinum_8353h_firmwarexeon_platinum_8376h_firmwarexeon_d-1712tr_firmwarexeon_d-2798nx_firmwarecore_i7-1185g7exeon_platinum_8352sxeon_gold_6346_firmwarexeon_gold_5318ycore_i3-1005g1xeon_gold_6328hxeon_d-2183it_firmwarexeon_d-2753ntxeon_d-1557xeon_d-2775tecore_i5-11400xeon_gold_6334_firmwarexeon_d-1731ntecore_i7-10850h_firmwarecore_i7-1065g7xeon_d-1714_firmwarexeon_d-1736nt_firmwarexeon_d-1602_firmwarexeon_gold_6328hlxeon_d-1726core_i9-10980hk_firmwarexeon_d-2177ntxeon_d-1553n_firmwareIntel(R) Processors
CWE ID-CWE-1281
Sequence of Processor Instructions Leads to Unexpected Behavior
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-23559
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.89%
||
7 Day CHG~0.00%
Published-13 Jan, 2023 | 00:00
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-hci_baseboard_management_controllerlinux_kerneldebian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-36276
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.37%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP software*
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-22292
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 22.56%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2024-36294
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.37%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA softwaredsa_software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-22297
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-22355
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.05%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_dpc\+\+_libraryoneapi_rendering_toolkitdpc\+\+_compatibility_tooloneapi_dpc\+\+\/c\+\+_compileroneapi_data_analytics_libraryosprayoneapi_iot_toolkitimplicit_spmd_program_compilerdistribution_for_pythonopen_image_denoiseoneapi_deep_neural_network_libraryinspectoroneapi_video_processing_libraryintegrated_performance_primitivesfortran_compileroneapi_threading_building_blocksintegrated_performance_primitives_cryptographyoneapi_toolkit_and_component_software_installersvtune_profileroneapi_base_toolkitmpi_libraryoneapi_hpc_toolkitcpu_runtimeoneapi_math_kernel_libraryopen_volume_kernel_librarytrace_analyzer_and_collectorospray_studioembree_ray_tracing_kernel_libraryadvisorIntel(R) oneAPI Toolkit and component software installers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-2236
Matching Score-8
Assigner-Google LLC
ShareView Details
Matching Score-8
Assigner-Google LLC
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.02%
||
7 Day CHG~0.00%
Published-01 May, 2023 | 12:50
Updated-05 Mar, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in Linux kernel's Performance Events subsystem

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.

Action-Not Available
Vendor-Linux Kernel Organization, IncNetApp, Inc.
Product-linux_kernelhci_baseboard_management_controllerLinux Kernel
CWE ID-CWE-416
Use After Free
CVE-2023-22312
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.96%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc11dbbi7_firmwarenuc_11_pro_kit_nuc11tnkv7_firmwarenuc_11_enthusiast_kit_nuc11phki7cnuc_11_pro_kit_nuc11tnhv7nuc_11_performance_kit_nuc11pahi3_firmwarenuc_board_nuc8cchbnuc_11_pro_kit_nuc11tnhv50lnuc_11_pro_mini_pc_nuc11tnkv7_firmwarenuc_11_pro_mini_pc_nuc11tnkv5lapkc71f_firmwarenuc_11_performance_kit_nuc11pahi3nuc_11_compute_element_cm11ebi58wnuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_11_performance_mini_pc_nuc11paqi50wanuc11dbbi7nuc_m15_laptop_kit_lapbc710_firmwarenuc_11_performance_kit_nuc11paki7_firmwarenuc_11_performance_mini_pc_nuc11paqi50wa_firmwarenuc_board_nuc8cchb_firmwarenuc_8_rugged_board_nuc8cchbn_firmwarenuc_11_performance_kit_nuc11pahi50z_firmwarenuc_11_performance_kit_nuc11pahi7nuc_11_pro_kit_nuc11tnhv7_firmwarenuc_11_performance_mini_pc_nuc11paqi70qa_firmwarenuc_11_pro_kit_nuc11tnkv5_firmwarenuc_11_performance_kit_nuc11pahi50znuc_11_compute_element_cm11ebc4wnuc11dbbi9nuc_11_performance_kit_nuc11pahi30znuc_11_pro_board_nuc11tnbv7_firmwarenuc_11_pro_kit_nuc11tnhv70lnuc_11_performance_kit_nuc11pahi30z_firmwarenuc_11_compute_element_cm11ebc4w_firmwarenuc_8_rugged_board_nuc8cchbnnuc_11_pro_mini_pc_nuc11tnkv5_firmwarenuc_11_pro_board_nuc11tnbv5nuc_11_pro_board_nuc11tnbv5_firmwarenuc_11_performance_kit_nuc11paki5nuc_11_compute_element_cm11ebi38w_firmwarenuc_11_performance_kit_nuc11paki3_firmwarenuc_m15_laptop_kit_lapbc710nuc_11_performance_kit_nuc11paki5_firmwarenuc_11_compute_element_cm11ebi716w_firmwarenuc_11_performance_kit_nuc11pahi70z_firmwarenuc11btmi9nuc_11_compute_element_cm11ebi38wlapkc71flapkc51e_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caanuc_11_performance_kit_nuc11pahi5_firmwarenuc_11_pro_kit_nuc11tnhv5_firmwarenuc_11_pro_kit_nuc11tnkv5nuc_11_performance_kit_nuc11paki7nuc_11_compute_element_cm11ebi58w_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_11_performance_kit_nuc11pahi70znuc_11_performance_kit_nuc11pahi5nuc11dbbi9_firmwarenuc_11_performance_kit_nuc11paki3nuc_11_performance_kit_nuc11pahi7_firmwarenuc_11_pro_kit_nuc11tnkv50z_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caa_firmwarenuc_11_pro_kit_nuc11tnhv50l_firmwarenuc_11_pro_mini_pc_nuc11tnkv7nuc_11_performance_mini_pc_nuc11paqi70qalapkc71enuc_11_pro_kit_nuc11tnkv7nuc_m15_laptop_kit_lapbc510nuc_11_compute_element_cm11ebi716wnuc_11_pro_kit_nuc11tnkv50znuc_11_enthusiast_kit_nuc11phki7c_firmwarenuc_11_pro_board_nuc11tnbv7lapkc51enuc_11_pro_kit_nuc11tnhv5nuc_8_rugged_kit_nuc8cchkrnnuc11btmi7_firmwarelapkc71e_firmwarenuc11btmi9_firmwarenuc_m15_laptop_kit_lapbc510_firmwarenuc_11_pro_kit_nuc11tnhv70l_firmwarenuc11btmi7Intel(R) NUC BIOS firmware
CWE ID-CWE-284
Improper Access Control
CVE-2023-22440
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.36%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-setup_and_configuration_softwareIntel(R) SCS Add-on software installer for Microsoft SCCM
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-34153
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 16:38
Updated-23 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-raid_web_consoleIntel(R) RAID Web Console softwareraid_web_console
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21148
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.54%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:47
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-edge_insights_for_industrialIntel(R) Edge Insights for Industrial software
CVE-2023-2124
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.34%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-02 Aug, 2024 | 06:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxlinux_kernelh500sh410s_firmwareh700s_firmwareh300s_firmwareh410c_firmwareh500s_firmwareh410sh410ch300sh700sKernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-2007
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.46%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-02 Aug, 2024 | 06:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxlinux_kernelh500sh410s_firmwaresolidfire_\&_hci_management_nodeh700s_firmwareh300s_firmwareh500s_firmwareh410c_firmwareh410sh410ch300sh700sLinux kernel's DPT I2O Controller driver
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-667
Improper Locking
CVE-2021-0146
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.38% / 58.77%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:25
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_j1750celeron_j4125_firmwarepentium_silver_n5000_firmwareceleron_n2940_firmwareceleron_j1850_firmwarepentium_j2850pentium_silver_n5030celeron_j1900_firmwareceleron_n2920_firmwareceleron_n3350celeron_n3050celeron_j1850celeron_n6210pentium_j3710_firmwarepentium_n6415_firmwarepentium_silver_j5005celeron_n3000celeron_n2930_firmwareceleron_n2807celeron_n2815pentium_j3710pentium_j2900atom_x5-e3940_firmwareceleron_n4100_firmwareatom_c3000_firmwareceleron_n2940celeron_n2830_firmwarepentium_silver_j5005_firmwareatom_x5-e3930_firmwareceleron_n5105celeron_n3000_firmwarepentium_j2850_firmwarepentium_n3530celeron_j3455pentium_silver_n6000celeron_n3350_firmwareceleron_n2807_firmwareceleron_n4500celeron_n2820pentium_n6415celeron_n4500_firmwareceleron_j3160celeron_j3355e_firmwareceleron_n3150_firmwareceleron_n3450_firmwareceleron_n3150celeron_n4100celeron_n5100_firmwareceleron_n2805celeron_n2806celeron_n3060celeron_j1750_firmwareatom_x5-e3940pentium_n3530_firmwarepentium_silver_n6000_firmwareceleron_n5105_firmwarepentium_n3710_firmwareceleron_n4120_firmwarepentium_n4200celeron_n4120celeron_n3350eceleron_n3050_firmwareceleron_n4000_firmwareceleron_j3455_firmwareceleron_n3010celeron_n2840celeron_n2806_firmwarepentium_j6426celeron_n2808pentium_n4200e_firmwareceleron_j4025celeron_n2910pentium_j4205celeron_n2930celeron_j1800_firmwareceleron_n2840_firmwarepentium_silver_n6005_firmwarepentium_n3540_firmwarepentium_n3510pentium_silver_n5030_firmwareceleron_j6413celeron_j3160_firmwareceleron_j3455e_firmwareceleron_j4005_firmwarepentium_j2900_firmwareceleron_j3060_firmwarepentium_n3700celeron_n2920pentium_n3520_firmwareceleron_n3160_firmwarepentium_n3520celeron_n2815_firmwarepentium_n3700_firmwareceleron_j3060pentium_silver_n6005pentium_j4205_firmwareceleron_n2820_firmwareceleron_j4105_firmwareceleron_n3160celeron_n6211atom_x7-e3950_firmwareceleron_n4020_firmwarepentium_n4200_firmwareceleron_n6210_firmwareceleron_n4505_firmwareceleron_n6211_firmwareceleron_n3060_firmwareceleron_n3010_firmwarepentium_silver_n5000pentium_n3540celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n3350e_firmwareceleron_n3450celeron_n5100celeron_j6413_firmwareceleron_n2805_firmwarepentium_n3710celeron_n4020celeron_j4105celeron_j6412celeron_n2810celeron_j4025_firmwarepentium_n3510_firmwarepentium_silver_j5040_firmwareceleron_j1800celeron_j6412_firmwareceleron_j1900celeron_n2808_firmwareatom_c3000celeron_n4505celeron_j3355_firmwareceleron_j4005atom_x5-e3930celeron_j3355atom_x7-e3950celeron_n2910_firmwarepentium_silver_j5040celeron_n2810_firmwarepentium_j6426_firmwareceleron_j3355eceleron_j4125Intel(R) processors which
CVE-2021-0154
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.75%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5xeon_e5-2650l_v4xeon_e-2286gxeon_e7-4820_v4xeon_e5-1650_v4_firmwarexeon_e5-2603_v4_firmwarexeon_e3-1240_v6_firmwarecore_i9-7900xxeon_d-2733nt_firmwarexeon_d-1548xeon_d-1622_firmwarexeon_e3-1220_v5core_i7-7820x_firmwarexeon_e-2174g_firmwarexeon_d-1633nxeon_d-1527_firmwarexeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_d-1653nxeon_e3-1578l_v5_firmwarexeon_d-2145nt_firmwarexeon_e-2246gxeon_d-2173it_firmwarexeon_e5-2637_v4xeon_d-1633n_firmwarecore_i9-7920xcore_i9-9960xxeon_d-1513n_firmwarexeon_e3-1230_v6core_i9-7960x_firmwarexeon_e-2374gxeon_d-1749nt_firmwarexeon_e3-1501l_v6xeon_e-2254ml_firmwarexeon_e7-4809_v4_firmwarexeon_e-2378xeon_e7-8867_v4xeon_d-1557_firmwarexeon_e5-2630_v4_firmwarexeon_e-2236xeon_e3-1220_v5_firmwarecore_i7-7820xcore_i7-3970x_firmwarexeon_e5-2699r_v4_firmwarexeon_e-2374g_firmwarexeon_e5-4640_v4xeon_d-1747nte_firmwarexeon_d-2163it_firmwarecore_i5-7640xcore_i7-7800xxeon_d-1531xeon_d-1726_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarexeon_e7-8891_v4xeon_e-2278g_firmwarexeon_e3-1240_v6core_i9-9920xxeon_e3-1230_v5xeon_e3-1240_v5_firmwarexeon_e-2278gexeon_d-1533n_firmwarexeon_e3-1545m_v5_firmwarexeon_e5-2650_v4_firmwarexeon_d-2146nt_firmwarexeon_d-2177ntxeon_e5-2630l_v4_firmwarexeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarexeon_e7-8894_v4xeon_d-2786nte_firmwarexeon_d-1518_firmwarexeon_e3-1505l_v6xeon_e-2254me_firmwarexeon_e5-4650_v4xeon_e-2236_firmwarexeon_d-2775te_firmwarexeon_e5-2680_v4_firmwarexeon_e-2244g_firmwarexeon_d-1571_firmwarexeon_e5-2660_v4xeon_d-1715ter_firmwarexeon_e-2126gcore_i7-6900k_firmwarexeon_e7-8893_v4_firmwarexeon_e5-4650_v4_firmwarexeon_e3-1285_v6xeon_e3-1505l_v6_firmwarexeon_e5-4627_v4core_i7-4940mxxeon_e-2276mlxeon_e5-4610_v4_firmwarexeon_e3-1235l_v5xeon_e5-1630_v4xeon_e3-1225_v5_firmwarexeon_e3-1245_v6_firmwarecore_i9-10920x_firmwarecore_i9-10940xxeon_d-2796texeon_d-1541_firmwarexeon_e3-1270_v6core_i7-5820k_firmwarecore_i9-10900xxeon_e3-1545m_v5xeon_d-1577_firmwarexeon_d-1531_firmwarexeon_e-2334_firmwarexeon_e3-1515m_v5_firmwarexeon_d-2142itxeon_e-2276me_firmwarexeon_d-1748texeon_e7-8891_v4_firmwarexeon_e5-2699r_v4xeon_d-2187ntxeon_d-2775texeon_e5-2640_v4_firmwarexeon_d-1518core_i7-9800xcore_i7-6800k_firmwarexeon_e-2136_firmwarexeon_d-1726xeon_d-1735tr_firmwarexeon_e5-2648l_v4xeon_e-2276mecore_i7-3820_firmwarexeon_e-2146gcore_i7-6950xxeon_e5-4620_v4xeon_d-2752nte_firmwarexeon_e7-8870_v4xeon_d-2796nt_firmwarexeon_e7-8880_v4_firmwarexeon_d-1637xeon_e-2356g_firmwarexeon_e5-4660_v4xeon_e-2146g_firmwarexeon_e5-2698_v4core_i7-3970xxeon_e-2286g_firmwarexeon_e3-1515m_v5xeon_d-1539_firmwarecore_i7-3960xcore_i7-6800kxeon_d-1718txeon_e-2126g_firmwarexeon_d-2753nt_firmwarexeon_d-1602xeon_e5-4655_v4core_i7-4820kxeon_d-1533nxeon_d-1529_firmwarexeon_e3-1260l_v5_firmwarexeon_d-2799xeon_e3-1240l_v5xeon_e-2136xeon_e5-4640_v4_firmwarexeon_e-2378_firmwarexeon_d-1712trcore_i9-9940x_firmwarexeon_d-2145ntxeon_e5-2697a_v4xeon_d-1736_firmwarexeon_e-2288g_firmwarexeon_e-2276mxeon_e-2224gxeon_d-2173itxeon_d-2766ntxeon_d-2161ixeon_d-2163itxeon_e5-1620_v4xeon_e5-4669_v4core_i7-3930kxeon_d-2123itxeon_e5-2609_v4_firmwarexeon_e3-1505m_v5xeon_d-1623nxeon_e3-1535m_v6_firmwarecore_i7-4960x_firmwarecore_i7-4820k_firmwarexeon_d-1521xeon_e5-2628l_v4xeon_d-1722nexeon_e5-2650_v4xeon_e7-4820_v4_firmwarexeon_d-2776ntcore_i7-3820xeon_d-2161i_firmwarexeon_e-2144g_firmwarexeon_e5-2687w_v4_firmwarexeon_d-1713nt_firmwarexeon_e3-1585l_v5xeon_e-2378g_firmwarecore_i7-3940xmxeon_e3-1275_v5xeon_e5-4610_v4xeon_e-2246g_firmwarexeon_e5-2658_v4xeon_e5-1630_v4_firmwarexeon_e-2388gxeon_e3-1558l_v5_firmwarexeon_e5-4620_v4_firmwarexeon_d-2786ntexeon_d-1537_firmwarexeon_e-2226gxeon_d-2796te_firmwarecore_i7-3920xmxeon_e-2226ge_firmwarexeon_d-2143itxeon_e-2226gexeon_e3-1225_v6_firmwarexeon_d-2753ntxeon_e-2278gxeon_d-1540_firmwarexeon_e7-8890_v4_firmwarexeon_e5-2683_v4_firmwarecore_i7-5930k_firmwarexeon_e-2124xeon_e-2186g_firmwarexeon_d-1553n_firmwarexeon_e5-2695_v4core_i9-7980xe_firmwarexeon_d-2177nt_firmwarecore_i7-3940xm_firmwarecore_i7-3930k_firmwarexeon_e3-1270_v5_firmwarecore_i9-10920xxeon_d-2798ntxeon_e5-2667_v4_firmwarexeon_d-1712tr_firmwarexeon_e3-1240l_v5_firmwarexeon_e7-8860_v4_firmwarecore_i7-6950x_firmwarexeon_e3-1501l_v6_firmwarexeon_e5-1660_v4_firmwarexeon_e3-1260l_v5xeon_d-1739_firmwarexeon_e-2386gxeon_d-1736xeon_d-2738xeon_d-1567_firmwarexeon_e5-2683_v4xeon_e-2134xeon_d-1733nt_firmwarexeon_e-2388g_firmwarexeon_d-1749ntcore_i9-9820x_firmwarexeon_d-2142it_firmwarexeon_e-2336xeon_d-1627xeon_e3-1575m_v5_firmwarexeon_d-2779_firmwarexeon_e3-1225_v5xeon_e-2186mxeon_d-1602_firmwarexeon_e3-1558l_v5xeon_e-2176mxeon_d-2733ntxeon_e-2286mxeon_d-1559_firmwarecore_i7-4930mx_firmwarexeon_d-1623n_firmwarexeon_d-1702xeon_e-2274gxeon_d-1722ne_firmwarexeon_e5-2630l_v4xeon_e7-8893_v4xeon_e7-4830_v4xeon_e5-2699_v4_firmwarexeon_e-2134_firmwarexeon_e5-4669_v4_firmwarexeon_e5-4667_v4xeon_d-1528_firmwarexeon_d-2795ntxeon_e5-4628l_v4xeon_d-1732te_firmwarecore_i5-7640x_firmwarexeon_d-2779xeon_e3-1268l_v5xeon_e-2226g_firmwarexeon_d-1529xeon_e5-1650_v4core_i9-7960xcore_i7-5930kxeon_e-2324g_firmwarexeon_d-1715terxeon_d-1559xeon_e-2278ge_firmwarexeon_e-2174gxeon_e3-1535m_v6xeon_e3-1220_v6xeon_e3-1585_v5_firmwarecore_i9-9820xxeon_e-2276m_firmwarexeon_d-1537xeon_d-1714xeon_e7-4850_v4xeon_d-1567xeon_e3-1220_v6_firmwarexeon_e7-4850_v4_firmwarexeon_e-2286m_firmwarexeon_e3-1501m_v6_firmwarexeon_e3-1245_v5xeon_d-1734nt_firmwarexeon_d-2141ixeon_e-2176gxeon_e-2288gcore_i7-3920xm_firmwarexeon_e-2274g_firmwarexeon_d-2141i_firmwarexeon_e3-1225_v6core_i7-6850k_firmwarecore_i7-3960x_firmwarexeon_e3-1280_v6xeon_e7-8880_v4xeon_e-2176g_firmwarexeon_d-2752ntexeon_d-2776nt_firmwarexeon_e-2254mlxeon_e-2124g_firmwarexeon_e5-2667_v4xeon_d-1734ntxeon_e5-2695_v4_firmwarexeon_e-2224_firmwarexeon_e5-4655_v4_firmwarexeon_e5-2608l_v4_firmwarexeon_d-1649nxeon_e7-8890_v4xeon_e5-2609_v4xeon_d-1540xeon_d-1736nt_firmwarexeon_d-2712t_firmwarexeon_d-1513ncore_i7-9800x_firmwarexeon_d-2183itxeon_d-2123it_firmwarexeon_e3-1275_v6_firmwarecore_i7-5960x_firmwarexeon_e-2224g_firmwarecore_i9-7940x_firmwarexeon_e5-2643_v4_firmwarexeon_d-1527xeon_e3-1505m_v6xeon_e7-8860_v4core_i9-9940xxeon_d-2712txeon_e5-2690_v4xeon_d-1649n_firmwarecore_i9-9980xe_firmwarexeon_e3-1535m_v5core_i9-9900xxeon_e5-2650l_v4_firmwarecore_i9-7940xxeon_e5-2699a_v4_firmwarecore_i9-7900x_firmwarexeon_e3-1505m_v6_firmwarexeon_e7-8870_v4_firmwarexeon_e-2254mexeon_d-1523nxeon_e3-1505l_v5core_i9-9900x_firmwarexeon_e7-4830_v4_firmwarexeon_d-1748te_firmwarexeon_e5-4667_v4_firmwarexeon_e5-2618l_v4xeon_d-1520xeon_d-2187nt_firmwarexeon_e3-1280_v6_firmwarecore_i7-7800x_firmwarexeon_e5-2699_v4xeon_e5-2603_v4xeon_d-2146ntxeon_e-2144gxeon_d-1713ntxeon_d-1543nxeon_e3-1270_v6_firmwarexeon_d-2752terxeon_d-1541xeon_d-1543n_firmwarexeon_e-2244gxeon_e7-8867_v4_firmwarexeon_d-2799_firmwarexeon_e3-1245_v5_firmwarexeon_d-1732texeon_d-1622xeon_d-1520_firmwarexeon_e5-2640_v4xeon_e5-4660_v4_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4_firmwarexeon_e3-1235l_v5_firmwarecore_i7-7740xxeon_d-2795nt_firmwarexeon_d-1713nte_firmwarexeon_e5-2637_v4_firmwarexeon_e5-2660_v4_firmwarexeon_e3-1575m_v5xeon_e-2124gcore_i9-9920x_firmwarexeon_e5-2687w_v4core_i7-4930kcore_i9-10980xe_firmwarecore_i7-4960xcore_i7-5960xxeon_d-1521_firmwarexeon_e3-1285_v6_firmwarecore_i7-5820kcore_i9-7920x_firmwarexeon_e-2356gcore_i7-6900kcore_i9-9980xexeon_d-1557xeon_e5-2623_v4xeon_d-2796ntxeon_e3-1240_v5xeon_e3-1585l_v5_firmwarexeon_e-2336_firmwarexeon_d-1713ntexeon_e3-1585_v5xeon_d-1739xeon_e-2334xeon_d-2752ter_firmwarexeon_d-1637_firmwarexeon_d-1577xeon_e3-1501m_v6xeon_d-1735trxeon_d-2766nt_firmwarecore_i7-4930k_firmwarecore_i9-10980xexeon_e3-1505l_v5_firmwarexeon_e-2314xeon_e3-1535m_v5_firmwarexeon_e5-2690_v4_firmwarexeon_d-2166ntxeon_e3-1280_v5_firmwarexeon_e5-2608l_v4xeon_e5-2697_v4xeon_e-2186gxeon_e-2314_firmwarexeon_d-1539xeon_e5-4627_v4_firmwarexeon_e5-2658_v4_firmwarexeon_d-1718t_firmwarexeon_e5-2648l_v4_firmwarexeon_e3-1280_v5xeon_e5-1680_v4_firmwarecore_i9-10900x_firmwarecore_i7-4930mxxeon_e5-2630_v4xeon_e7-4809_v4xeon_d-1746ter_firmwarexeon_e5-2620_v4xeon_d-2143it_firmwarexeon_e3-1230_v6_firmwarexeon_e3-1275_v6xeon_e3-1565l_v5_firmwarexeon_e5-1660_v4xeon_e5-4628l_v4_firmwarexeon_e5-1680_v4xeon_e-2276g_firmwarexeon_e5-2698_v4_firmwarexeon_d-1627_firmwarexeon_d-1702_firmwarexeon_d-1733ntxeon_e-2224xeon_e5-2618l_v4_firmwarexeon_e-2124_firmwarecore_i7-4940mx_firmwarexeon_d-1653n_firmwarexeon_e5-2623_v4_firmwarexeon_e3-1230_v5_firmwarecore_i9-9960x_firmwarexeon_d-1736ntxeon_e-2278gelxeon_d-1553nxeon_e3-1578l_v5core_i9-10940x_firmwarexeon_e3-1245_v6xeon_e-2378gxeon_d-2798nt_firmwarexeon_e-2234_firmwarexeon_d-1747ntexeon_d-2166nt_firmwarexeon_e5-2699a_v4xeon_d-1523n_firmwarexeon_d-2183it_firmwarecore_i7-6850kxeon_e5-2643_v4xeon_e-2324gxeon_e3-1268l_v5_firmwarexeon_e5-2628l_v4_firmwarecore_i9-7980xexeon_e7-8894_v4_firmwarexeon_e-2276gxeon_e5-2697_v4_firmwarexeon_e3-1270_v5xeon_d-1548_firmwarexeon_d-1746terxeon_e5-1620_v4_firmwarexeon_d-1571xeon_e-2186m_firmwarexeon_d-1528xeon_d-2738_firmwarexeon_e-2234xeon_e5-2620_v4_firmwarecore_i7-7740x_firmwarexeon_d-1714_firmwareIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2023-1295
Matching Score-8
Assigner-Google LLC
ShareView Details
Matching Score-8
Assigner-Google LLC
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.65%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 11:08
Updated-13 Feb, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation with IO_RING_OP_CLOSE in the Linux Kernel

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.

Action-Not Available
Vendor-Linux Kernel Organization, IncNetApp, Inc.
Product-linux_kernelh500sh410sh410ch300sh700sLinux Kernel
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-15852
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.37%
||
7 Day CHG~0.00%
Published-20 Jul, 2020 | 18:54
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Xen Project
Product-linux_kernelcloud_backupxensolidfire_baseboard_management_controllersteelstore_cloud_integrated_storagen/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-0386
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-58.89% / 98.14%
||
7 Day CHG-0.54%
Published-22 Mar, 2023 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-07-08||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, IncCanonical Ltd.Debian GNU/Linux
Product-h410s_firmwareh410c_firmwareubuntu_linuxh300s_firmwareh700sh500s_firmwaredebian_linuxh700s_firmwareh300sh410clinux_kernelh410sh500sKernelKernel
CWE ID-CWE-282
Improper Ownership Management
CVE-2020-15862
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.30%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 00:00
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

Action-Not Available
Vendor-n/aCanonical Ltd.Net-SNMPNetApp, Inc.
Product-net-snmpubuntu_linuxsmi-s_providercloud_backuphci_management_nodesolidfiren/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-8722
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.19% / 41.54%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:51
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8764
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.96%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:04
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-xeon_platinum_8153xeon_w-2223xeon_e7-8893_v3xeon_w-3245mxeon_e5-4610_v4xeon_e7-8894_v4xeon_gold_6230txeon_gold_6146xeon_e5-2660_v3xeon_gold_6126tcore_i7-6950xxeon_w-3225xeon_e5-1680_v3xeon_d-1527xeon_e5-2697_v4xeon_gold_5115xeon_e5-2408l_v3xeon_platinum_8170xeon_gold_6136xeon_w-2125core_i9-10940xxeon_e5-4610_v3xeon_e7-8870_v3xeon_gold_6138xeon_e5-4650_v4xeon_e7-8880_v4xeon_e5-1630_v4xeon_e5-4660_v3xeon_e5-1660_v4xeon_w-2295xeon_e7-8891_v4xeon_platinum_8164core_i7-3960xxeon_gold_6234xeon_e5-2603_v3xeon_e5-2699r_v4xeon_gold_6238rxeon_w-2255xeon_d-1518fas_biosxeon_gold_5215xeon_e5-2667_v3xeon_e5-4655_v3xeon_e7-4820_v3xeon_d-2143itxeon_d-2163itxeon_platinum_8168core_i9-7920xxeon_e5-2683_v4xeon_e5-2608l_v4xeon_e5-2699_v4xeon_e5-2640_v3xeon_gold_5218xeon_e5-1620_v4xeon_e7-8880l_v3xeon_w-1270xeon_d-1567xeon_silver_4109txeon_e5-2630l_v3xeon_e5-4640_v4xeon_e5-2690_v3xeon_gold_5215lxeon_silver_4215rxeon_e5-4655_v4xeon_gold_6138fxeon_e5-2658_v4xeon_gold_5122xeon_w-2245xeon_e5-1630_v3xeon_silver_4210tcore_i9-7960xcore_i7-7820xxeon_e5-2680_v3xeon_e5-2699_v3xeon_gold_6212uxeon_w-1270texeon_e7-4830_v3core_i9-7980xexeon_silver_4114xeon_e5-2698_v3core_i7-6900kcore_i9-9940xxeon_bronze_3104xeon_e7-8870_v4xeon_w-1290txeon_d-1571xeon_gold_6238lxeon_e5-2637_v3xeon_e5-1620_v3xeon_d-2173itxeon_platinum_8156xeon_d-2123itxeon_w-3265mxeon_d-1627core_i7-3930kxeon_e5-2637_v4xeon_w-2265xeon_e5-2667_v4xeon_e5-2687w_v3xeon_d-1602xeon_w-10855mxeon_e7-8890_v4xeon_e5-2680_v4xeon_gold_6126fxeon_d-1539xeon_gold_5218txeon_e5-2697a_v4xeon_gold_6150xeon_e5-1680_v4xeon_gold_5220rxeon_gold_6140xeon_e5-2690_v4xeon_e7-4809_v3xeon_e5-2609_v4xeon_d-2146ntxeon_platinum_8160fxeon_e5-2658_v3xeon_e5-4660_v4xeon_w-1270pxeon_gold_6210ucore_i9-10920xxeon_d-2187ntcore_i7-6850kxeon_gold_6126core_i9-7940xcore_i9-9960xxeon_d-2166ntxeon_w-1250ecore_i7-3920xmxeon_silver_4216xeon_e5-2643_v4xeon_gold_6230xeon_w-2195xeon_e5-2630l_v4xeon_e5-2699a_v4xeon_e5-4667_v4xeon_e5-2628l_v4xeon_d-2183itxeon_silver_4116txeon_e7-8860_v3xeon_e5-2630_v4xeon_d-1622xeon_e5-4667_v3xeon_gold_6142fxeon_e5-2643_v3xeon_d-2145ntxeon_e5-1650_v4xeon_gold_6238xeon_e5-2630_v3xeon_gold_6130xeon_e5-2650l_v4xeon_w-1250pxeon_e5-4650_v3core_i7-7800xcore_i9-9920xxeon_silver_4208xeon_e5-2623_v4xeon_w-2123xeon_gold_5220sxeon_w-3275mcore_i7-3820xeon_e5-2683_v3xeon_e7-4850_v3xeon_silver_4110xeon_bronze_3204xeon_gold_5119txeon_silver_4108xeon_gold_6130txeon_silver_4210core_i7-9800xxeon_gold_5217xeon_e7-8867_v4xeon_gold_6230ncore_i7-4960xxeon_w-3265xeon_gold_5218nxeon_bronze_3106xeon_gold_6138txeon_w-3245xeon_e5-2620_v4xeon_gold_5120xeon_e5-2618l_v3xeon_d-1523nxeon_e7-8880_v3xeon_e5-2608l_v3xeon_d-1540hci_compute_node_biosxeon_gold_5220xeon_platinum_8160txeon_e5-2698_v4xeon_d-1653ncore_i7-7740xxeon_d-1528xeon_silver_4214rcore_i7-5820kxeon_d-1577xeon_d-1637xeon_e5-2697_v3xeon_silver_4114txeon_e5-4627_v4xeon_e5-4669_v4aff_biosxeon_gold_6154xeon_d-2141ixeon_e5-2660_v4xeon_d-1541xeon_e7-4830_v4core_i7-3940xmxeon_w-1250texeon_w-1250xeon_e5-2640_v4hci_storage_node_biosxeon_gold_6208ucore_i7-4940mxxeon_e7-8893_v4xeon_w-1290ecore_i7-4930kxeon_e5-1650_v3xeon_gold_5222xeon_w-3275xeon_e5-2687w_v4xeon_e7-8891_v3xeon_d-1553nxeon_silver_4209txeon_e5-4620_v3xeon_silver_4116xeon_w-1270exeon_d-1633nxeon_d-1548core_i7-4820kxeon_d-1649nxeon_d-1529xeon_e7-4820_v4xeon_e5-2695_v3xeon_platinum_8160xeon_e5-2428l_v3xeon_e7-4809_v4xeon_e5-4648_v3xeon_e5-1660_v3xeon_gold_6148fxeon_d-1520xeon_gold_6132biosxeon_gold_6152core_i9-9820xxeon_e5-2618l_v4xeon_platinum_8158xeon_w-2155xeon_e5-2623_v3core_i9-9900xxeon_e5-2418l_v3xeon_e5-2658a_v3xeon_w-1290pxeon_w-2135xeon_gold_6222vxeon_platinum_8176xeon_d-1623nxeon_w-2145xeon_d-1531xeon_gold_6142xeon_e5-2650_v4xeon_d-1533nxeon_e7-8867_v3xeon_gold_6128core_i9-9980xexeon_silver_4215xeon_w-2235xeon_d-2142itxeon_gold_5118xeon_gold_6130fxeon_e5-2695_v4core_i7-6800kcore_i9-10900xxeon_silver_4214xeon_silver_4210rxeon_d-2161ixeon_silver_4214yxeon_e5-2603_v4core_i9-10980xexeon_e5-2620_v3xeon_e5-4628l_v4xeon_gold_5218bxeon_e5-2670_v3xeon_e7-8860_v4xeon_e5-2648l_v3core_i7-3970xxeon_gold_6138pxeon_e5-2609_v3xeon_e5-2438l_v3xeon_w-1290xeon_platinum_8176fsolidfire_biosxeon_w-10885mxeon_e7-8890_v3xeon_e5-2650_v3xeon_e5-2648l_v4xeon_e5-4620_v4xeon_d-1513nxeon_d-1537xeon_w-2275xeon_w-1290tecore_i9-7900xcore_i5-7640xxeon_d-1543nxeon_gold_6209uxeon_silver_4112xeon_w-3223xeon_d-1559xeon_gold_6226xeon_d-1521core_i7-5960xxeon_gold_5120txeon_gold_6230rxeon_w-3175xxeon_gold_6134xeon_e5-2628l_v3xeon_e5-4640_v3core_i7-4930mxxeon_w-3235core_i7-5930kxeon_gold_5218rxeon_gold_6226rxeon_e5-4669_v3xeon_w-2225xeon_bronze_3206rxeon_w-2133xeon_d-1557xeon_gold_6148xeon_e5-4627_v3xeon_e7-4850_v4xeon_gold_6144xeon_e5-1428l_v3xeon_platinum_8180xeon_d-2177ntxeon_e5-2650l_v3xeon_w-2175xeon_gold_5220tIntel(R) Processors
CVE-2020-8729
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-15861
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.56% / 67.30%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 18:28
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.

Action-Not Available
Vendor-n/aCanonical Ltd.Net-SNMPNetApp, Inc.
Product-net-snmpubuntu_linuxsmi-s_providercloud_backupsolidfire_\&_hci_management_noden/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-47519
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.25%
||
7 Day CHG~0.00%
Published-18 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncNetApp, Inc.
Product-h410s_firmwareh500slinux_kernelh410sh700sh700s_firmwareh500s_firmwareh410cdebian_linuxh410c_firmwareh300s_firmwareh300sn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-21220
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.46%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2022-21128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisorIntel(R) Advisor software
CVE-2022-47518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.82%
||
7 Day CHG~0.00%
Published-18 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncNetApp, Inc.
Product-h410s_firmwareh500slinux_kernelh410sh700sh700s_firmwareh500s_firmwareh410cdebian_linuxh410c_firmwareh300s_firmwareh300sn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8705
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.60% / 68.46%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:06
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_servicesconverged_security_and_manageability_enginetrusted_execution_technologyIntel(R) Boot Guard, Intel(R) CSME, Intel(R) TXE, Intel(R) SPS
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2022-21229
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.12%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapqc71clapqc71blapqc71acontrol_centerlapqc71dIntel(R) NUC 9 Extreme Laptop Kit drivers
CVE-2022-46656
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.36%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-21204
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-29015
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitvtune_profilerIntel(R) VTune(TM) Profiler softwareoneapi_base_toolkitvtune_profiler
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-45112
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.08%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC software
CWE ID-CWE-284
Improper Access Control
CVE-2024-28887
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_performance_primitivesoneapi_base_toolkitIntel(R) IPP softwareipp_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-44619
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 34.34%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2022-1882
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.82%
||
7 Day CHG~0.00%
Published-26 May, 2022 | 00:00
Updated-03 Aug, 2024 | 00:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwarelinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700skernel
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 18
  • 19
  • Next
Details not found