ByteOS Network

Vulnerability Details :

CVE-2025-27713

Assigner-intel

Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce

Published At-11 Nov, 2025 | 16:50

Updated At-26 Feb, 2026 | 16:57

Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:intel

Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce

Published At:11 Nov, 2025 | 16:50

Updated At:26 Feb, 2026 | 16:57

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

Intel(R) QAT Windows software

Default Status

unaffected

Versions

Affected

before version 2.6.0.

Problem Types

Type	CWE ID	Description
N/A	N/A	Escalation of Privilege
CWE	CWE-787	Out-of-bounds Write

Type: N/A

CWE ID: N/A

Description: Escalation of Privilege

Type: CWE

CWE ID: CWE-787

Description: Out-of-bounds Write

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0	7.3	HIGH	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Version: 4.0

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

Hyperlink	Resource
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html	N/A

Hyperlink: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secure@intel.com

Published At:11 Nov, 2025 | 17:15

Updated At:26 Nov, 2025 | 15:40

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	7.3	HIGH	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Secondary

Version: 4.0

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CPE Matches

Intel Corporation

>>quickassist_technology>>Versions before 2.6.0-0018(exclusive)

cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:windows:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	secure@intel.com

CWE ID: CWE-787

Type: Primary

Source: secure@intel.com

References

Hyperlink	Source	Resource
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html	secure@intel.com	Vendor Advisory

Hyperlink: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html

Source: secure@intel.com

Resource:

Vendor Advisory

Similar CVEs

90Records found

CVE-2022-21804

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-8.4||HIGH

EPSS-0.17% / 37.63%

7 Day CHG~0.00%

Published-10 May, 2023 | 13:16

Updated-27 Jan, 2025 | 18:06

Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-quickassist_technology Intel QAT Driver for Windows

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-21172

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.14% / 34.89%

7 Day CHG~0.00%

Published-18 Aug, 2022 | 19:40

Updated-05 May, 2025 | 17:17

Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-proset_wi-fi_6e_ax210_firmware wi-fi_6e_ax411_firmware wi-fi_6e_ax211_firmware wi-fi_6e_ax411 wi-fi_6e_ax211 proset_wi-fi_6e_ax210 Intel(R) PROSet/Wireless WiFi products

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-32575

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-4.8||MEDIUM

EPSS-0.14% / 33.91%

7 Day CHG~0.00%

Published-16 Feb, 2023 | 20:00

Updated-27 Jan, 2025 | 18:15

Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-trace_analyzer_and_collector Intel(R) Trace Analyzer and Collector software

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-31858

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.3||HIGH

EPSS-0.03% / 9.37%

7 Day CHG~0.00%

Published-12 Feb, 2025 | 21:16

Updated-26 Feb, 2026 | 19:08

Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-quickassist_technology Intel(R) QuickAssist Technology software

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-29277

Matching Score-6

Assigner-MITRE Corporation

View Details

Matching Score-6

Assigner-MITRE Corporation

CVSS Score-8.8||HIGH

EPSS-0.05% / 15.23%

7 Day CHG~0.00%

Published-15 Nov, 2022 | 00:00

Updated-30 Apr, 2025 | 15:15

Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.0048 Whitley: 05.42.23.0066 Cedar Island: 05.42.11.0021 Eagle Stream: 05.44.25.0052 Greenlow/Greenlow-R(skylake/kabylake): Trunk Mehlow/Mehlow-R (CoffeeLake-S): Trunk Tatlow (RKL-S): Trunk Denverton: 05.10.12.0042 Snow Ridge: Trunk Graneville DE: 05.05.15.0038 Grangeville DE NS: 05.27.26.0023 Bakerville: 05.21.51.0026 Idaville: 05.44.27.0030 Whiskey Lake: Trunk Comet Lake-S: Trunk Tiger Lake H/UP3: 05.43.12.0052 Alder Lake: 05.44.23.0047 Gemini Lake: Not Affected Apollo Lake: Not Affected Elkhart Lake: 05.44.30.0018 AMD ROME: trunk MILAN: 05.36.10.0017 GENOA: 05.52.25.0006 Snowy Owl: Trunk R1000: 05.32.50.0018 R2000: 05.44.30.0005 V2000: Trunk V3000: 05.44.30.0007 Ryzen 5000: 05.44.30.0004 Embedded ROME: Trunk Embedded MILAN: Trunk Hygon Hygon #1/#2: 05.36.26.0016 Hygon #3: 05.44.26.0007 https://www.insyde.com/security-pledge/SA-2022060

Vendor-n/a Advanced Micro Devices, Inc.Intel Corporation

Product-greenlow_firmware ryzen_5800x3d_firmware genoa granville_de snowy_owl_r2000 denverton_firmware hygon_2 eagle_stream ryzen_5700ge_firmware greenlow-r_firmware ryzen_5900x whiskey_lake ryzen_5600ge hygon_2_firmware ryzen_5300ge hygon_3_firmware eagle_stream_firmware comet_lake-s granville_de_firmware bakerville_firmware denverton ryzen_5800x3d snowy_owl_r1000 purley-r ryzen_5600ge_firmware tatlow ryzen_5300ge_firmware idaville ryzen_5700ge greenlow purley-r_firmware hygon_1_firmware snowy_owl_v3000_firmware ryzen_5950x_firmware ryzen_5800x hygon_1 alder_lake_firmware ryzen_5950x alder_lake rome cedar_island greenlow-r bakerville cedar_island_firmware ryzen_5600g_firmware snowy_owl_v2000_firmware ryzen_5600x_firmware mehlow-r ryzen_5900x_firmware whitley_firmware comet_lake-s_firmware snowy_owl_r1000_firmware mehlow_firmware grangeville_de_ns_firmware milan hygon_3 mehlow-r_firmware milan_firmware whiskey_lake_firmware ryzen_5600g whitley mehlow ryzen_5700g_firmware idaville_firmware ryzen_5600x snowy_owl_v2000 tiger_lake_h\/up3 rome_firmware grangeville_de_ns snowy_owl_r2000_firmware ryzen_5300g_firmware tiger_lake_h\/up3_firmware genoa_firmware ryzen_5700g snowy_owl_v3000 tatlow_firmware ryzen_5300g ryzen_5800x_firmware n/a

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8679

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 15.59%

7 Day CHG~0.00%

Published-13 Aug, 2020 | 03:21

Updated-04 Aug, 2024 | 10:03

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

Product-graphics_drivers Intel(R) Graphics Drivers Advisory

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23497

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-9.3||CRITICAL

EPSS-0.25% / 48.08%

7 Day CHG~0.00%

Published-14 Aug, 2024 | 13:45

Updated-12 Sep, 2024 | 18:26

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-ethernet_800_series_controllers_driver Intel(R) Ethernet Network Controllers and Adapters ethernet_complete_driver_pack

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-33833

Matching Score-6

Assigner-MITRE Corporation

View Details

Matching Score-6

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-0.15% / 36.26%

7 Day CHG~0.00%

Published-09 Jun, 2021 | 17:44

Updated-03 Aug, 2024 | 23:58

ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).

Vendor-n/a Intel Corporation Debian GNU/Linux

Product-debian_linux connection_manager n/a

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-33124

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.15% / 35.38%

7 Day CHG+0.01%

Published-12 May, 2022 | 16:36

Updated-05 May, 2025 | 17:17

Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-33086

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.04% / 13.86%

7 Day CHG~0.00%

Published-17 Nov, 2021 | 18:59

Updated-03 Aug, 2024 | 23:42

Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-33137

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.06% / 17.88%

7 Day CHG~0.00%

Published-09 Feb, 2022 | 22:04

Updated-05 May, 2025 | 17:17

Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-kernelflinger Intel(R) Kernelflinger project

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-33060

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.24% / 46.86%

7 Day CHG+0.01%

Published-18 Aug, 2022 | 19:58

Updated-05 May, 2025 | 17:17

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a NetApp, Inc.Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-26675

Matching Score-6

Assigner-MITRE Corporation

View Details

Matching Score-6

Assigner-MITRE Corporation

CVSS Score-8.8||HIGH

EPSS-0.19% / 40.42%

7 Day CHG~0.00%

Published-09 Feb, 2021 | 15:47

Updated-03 Aug, 2024 | 20:26

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

Vendor-n/a Intel Corporation openSUSE Debian GNU/Linux

Product-connman debian_linux leap n/a

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-30763

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.2||HIGH

EPSS-0.04% / 11.36%

7 Day CHG~0.00%

Published-12 May, 2023 | 14:01

Updated-24 Jan, 2025 | 15:24

Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-battery_life_diagnostic_tool soc_watch oneapi_base_toolkit Intel(R) SoC Watch based software

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28401

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-5.2||MEDIUM

EPSS-0.07% / 20.77%

7 Day CHG~0.00%

Published-14 Nov, 2023 | 19:04

Updated-02 Aug, 2024 | 12:38

Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Microsoft Corporation Intel Corporation

Product-windows arc_a_graphics iris_xe_graphics Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-0153

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.13% / 32.38%

7 Day CHG-0.03%

Published-12 May, 2022 | 16:36

Updated-05 May, 2025 | 17:16

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-0116

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.30% / 53.19%

7 Day CHG~0.00%

Published-09 Feb, 2022 | 22:04

Updated-05 May, 2025 | 17:16

Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Vendor-n/a NetApp, Inc.Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8752

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-9.8||CRITICAL

EPSS-0.86% / 74.80%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 18:05

Updated-04 Aug, 2024 | 10:12

Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

Vendor-n/a Intel Corporation NetApp, Inc.

Product-cloud_backup active_management_technology_firmware standard_manageability Intel(R) AMT, Intel(R) ISM versions

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8681

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.06% / 17.88%

7 Day CHG~0.00%

Published-13 Aug, 2020 | 03:18

Updated-04 Aug, 2024 | 10:03

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-graphics_drivers Intel(R) Graphics Drivers Advisory

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-24462

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.06% / 17.88%

7 Day CHG~0.00%

Published-17 Feb, 2021 | 13:49

Updated-04 Aug, 2024 | 15:12

Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-graphics_drivers Intel(R) Graphics Driver

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-24480

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-4.4||MEDIUM

EPSS-0.13% / 33.19%

7 Day CHG~0.00%

Published-17 Feb, 2021 | 13:45

Updated-04 Aug, 2024 | 15:12

Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

Product-extreme_tuning_utility Intel(R) XTU

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-23569

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.13% / 32.64%

7 Day CHG~0.00%

Published-10 May, 2023 | 13:16

Updated-27 Jan, 2025 | 18:10

Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-trace_analyzer_and_collector oneapi_hpc_toolkit Intel(R) Trace Analyzer and Collector software

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-0200

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.12% / 31.23%

7 Day CHG~0.00%

Published-17 Nov, 2021 | 19:14

Updated-03 Aug, 2024 | 15:32

Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series Controllers before version 8.2 may allow a privileged user to potentially enable an escalation of privilege via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-0113

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.5||MEDIUM

EPSS-0.12% / 31.22%

7 Day CHG~0.00%

Published-09 Jun, 2021 | 19:00

Updated-03 Aug, 2024 | 15:32

Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.

Vendor-n/a Intel Corporation

Product-efi_bios_7215 server_board_m10jnp2sb Intel(R) Server Board M10JNP2SB

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-0075

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 15.59%

7 Day CHG~0.00%

Published-17 Nov, 2021 | 19:38

Updated-03 Aug, 2024 | 15:25

Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and some Killer(TM) WiFi in Windows 10 may allow a privileged user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8740

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.22% / 44.14%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 18:04

Updated-04 Aug, 2024 | 10:12

Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation NetApp, Inc.

Product-xeon_platinum_8153 xeon_w-2223 xeon_w-3245m xeon_e5-4610_v4 xeon_e7-8894_v4 xeon_gold_6230t xeon_gold_6146 xeon_e5-2660_v3 xeon_gold_6126t core_i7-6950x xeon_w-3225 xeon_e5-1680_v3 xeon_d-1527 xeon_e5-2697_v4 xeon_gold_5115 xeon_e5-2408l_v3 xeon_platinum_8170 xeon_gold_6136 xeon_w-2125 core_i9-10940x xeon_e5-4610_v3 xeon_gold_6138 xeon_e5-4650_v4 xeon_e7-8880_v4 xeon_e5-1630_v4 xeon_e5-4660_v3 xeon_e5-1660_v4 xeon_w-2295 xeon_e7-8891_v4 xeon_platinum_8164 core_i7-3960x xeon_gold_6234 xeon_e5-2603_v3 xeon_e5-2699r_v4 xeon_gold_6238r xeon_w-2255 xeon_d-1518 fas_bios xeon_gold_5215 xeon_e5-2667_v3 xeon_e5-4655_v3 xeon_d-2143it xeon_d-2163it xeon_platinum_8168 core_i9-7920x xeon_e5-2683_v4 xeon_e5-2608l_v4 xeon_e5-2699_v4 xeon_e5-2640_v3 xeon_gold_5218 xeon_e5-1620_v4 xeon_w-1270 xeon_d-1567 xeon_silver_4109t xeon_e5-2630l_v3 xeon_e5-4640_v4 xeon_e5-2690_v3 xeon_gold_5215l xeon_silver_4215r xeon_e5-4655_v4 xeon_gold_6138f xeon_e5-2658_v4 xeon_gold_5122 xeon_w-2245 xeon_e5-1630_v3 xeon_silver_4210t core_i9-7960x core_i7-7820x xeon_e5-2680_v3 xeon_e5-2699_v3 xeon_gold_6212u xeon_w-1270te core_i9-7980xe xeon_silver_4114 xeon_e5-2698_v3 core_i7-6900k core_i9-9940x xeon_bronze_3104 xeon_e7-8870_v4 xeon_w-1290t xeon_d-1571 xeon_gold_6238l xeon_e5-2637_v3 xeon_e5-1620_v3 xeon_d-2173it xeon_platinum_8156 xeon_d-2123it xeon_w-3265m xeon_d-1627 core_i7-3930k xeon_e5-2637_v4 xeon_w-2265 xeon_e5-2667_v4 xeon_e5-2687w_v3 xeon_d-1602 xeon_w-10855m xeon_e7-8890_v4 xeon_e5-2680_v4 xeon_gold_6126f xeon_d-1539 xeon_gold_5218t xeon_e5-2697a_v4 xeon_gold_6150 xeon_e5-1680_v4 xeon_gold_5220r xeon_gold_6140 xeon_e5-2690_v4 xeon_e5-2609_v4 xeon_d-2146nt xeon_platinum_8160f xeon_e5-2658_v3 xeon_e5-4660_v4 xeon_w-1270p xeon_gold_6210u core_i9-10920x xeon_d-2187nt core_i7-6850k xeon_gold_6126 core_i9-7940x core_i9-9960x xeon_d-2166nt xeon_w-1250e core_i7-3920xm xeon_silver_4216 xeon_e5-2643_v4 xeon_gold_6230 xeon_w-2195 xeon_e5-2630l_v4 xeon_e5-2699a_v4 xeon_e5-4667_v4 xeon_e5-2628l_v4 xeon_d-2183it xeon_silver_4116t xeon_e5-2630_v4 xeon_d-1622 xeon_e5-4667_v3 xeon_gold_6142f xeon_e5-2643_v3 xeon_d-2145nt xeon_e5-1650_v4 xeon_gold_6238 xeon_e5-2630_v3 xeon_gold_6130 xeon_e5-2650l_v4 xeon_w-1250p xeon_e5-4650_v3 core_i7-7800x core_i9-9920x xeon_silver_4208 xeon_e5-2623_v4 xeon_w-2123 xeon_gold_5220s xeon_w-3275m core_i7-3820 xeon_e5-2683_v3 xeon_silver_4110 xeon_bronze_3204 xeon_gold_5119t xeon_silver_4108 xeon_gold_6130t xeon_silver_4210 core_i7-9800x xeon_gold_5217 xeon_e7-8867_v4 xeon_gold_6230n core_i7-4960x xeon_w-3265 xeon_gold_5218n xeon_bronze_3106 xeon_gold_6138t xeon_w-3245 xeon_e5-2620_v4 xeon_gold_5120 xeon_e5-2618l_v3 xeon_d-1523n xeon_e5-2608l_v3 xeon_d-1540 hci_compute_node_bios xeon_gold_5220 xeon_platinum_8160t xeon_e5-2698_v4 xeon_d-1653n core_i7-7740x xeon_d-1528 xeon_silver_4214r core_i7-5820k xeon_d-1577 xeon_d-1637 xeon_e5-2697_v3 xeon_silver_4114t xeon_e5-4627_v4 xeon_e5-4669_v4 aff_bios xeon_gold_6154 xeon_d-2141i xeon_e5-2660_v4 xeon_d-1541 xeon_e7-4830_v4 core_i7-3940xm xeon_w-1250te xeon_w-1250 xeon_e5-2640_v4 hci_storage_node_bios xeon_gold_6208u core_i7-4940mx xeon_e7-8893_v4 xeon_w-1290e core_i7-4930k xeon_e5-1650_v3 xeon_gold_5222 xeon_w-3275 xeon_e5-2687w_v4 xeon_d-1553n xeon_silver_4209t xeon_e5-4620_v3 xeon_silver_4116 xeon_w-1270e xeon_d-1633n xeon_d-1548 core_i7-4820k xeon_d-1649n xeon_d-1529 xeon_e7-4820_v4 xeon_e5-2695_v3 xeon_platinum_8160 xeon_e5-2428l_v3 xeon_e7-4809_v4 xeon_e5-4648_v3 xeon_e5-1660_v3 xeon_gold_6148f xeon_d-1520 xeon_gold_6132 bios xeon_gold_6152 core_i9-9820x xeon_e5-2618l_v4 xeon_platinum_8158 xeon_w-2155 xeon_e5-2623_v3 core_i9-9900x xeon_e5-2418l_v3 xeon_e5-2658a_v3 xeon_w-1290p xeon_w-2135 xeon_gold_6222v xeon_platinum_8176 xeon_d-1623n xeon_w-2145 xeon_d-1531 xeon_gold_6142 xeon_e5-2650_v4 xeon_d-1533n xeon_gold_6128 core_i9-9980xe xeon_silver_4215 xeon_w-2235 xeon_d-2142it xeon_gold_5118 xeon_gold_6130f xeon_e5-2695_v4 core_i7-6800k core_i9-10900x xeon_silver_4214 xeon_silver_4210r xeon_d-2161i xeon_silver_4214y xeon_e5-2603_v4 core_i9-10980xe xeon_e5-2620_v3 xeon_e5-4628l_v4 xeon_gold_5218b xeon_e5-2670_v3 xeon_e7-8860_v4 xeon_e5-2648l_v3 core_i7-3970x xeon_gold_6138p xeon_e5-2609_v3 xeon_e5-2438l_v3 xeon_w-1290 xeon_platinum_8176f solidfire_bios xeon_w-10885m xeon_e5-2650_v3 xeon_e5-2648l_v4 xeon_e5-4620_v4 xeon_d-1513n xeon_d-1537 xeon_w-2275 xeon_w-1290te core_i9-7900x core_i5-7640x xeon_d-1543n xeon_gold_6209u xeon_silver_4112 xeon_w-3223 xeon_d-1559 xeon_gold_6226 xeon_d-1521 core_i7-5960x xeon_gold_5120t xeon_gold_6230r xeon_w-3175x xeon_gold_6134 xeon_e5-2628l_v3 xeon_e5-4640_v3 core_i7-4930mx xeon_w-3235 core_i7-5930k xeon_gold_5218r xeon_gold_6226r xeon_e5-4669_v3 xeon_w-2225 xeon_bronze_3206r xeon_w-2133 xeon_d-1557 xeon_gold_6148 xeon_e5-4627_v3 xeon_e7-4850_v4 xeon_gold_6144 xeon_e5-1428l_v3 xeon_platinum_8180 xeon_d-2177nt xeon_e5-2650l_v3 xeon_w-2175 xeon_gold_5220t Intel BIOS platform sample code for some Intel(R) Processors

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8730

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-8.8||HIGH

EPSS-0.06% / 17.88%

7 Day CHG~0.00%

Published-13 Aug, 2020 | 02:24

Updated-04 Aug, 2024 | 10:12

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-8732

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-8.8||HIGH

EPSS-0.17% / 38.03%

7 Day CHG~0.00%

Published-13 Aug, 2020 | 02:52

Updated-04 Aug, 2024 | 10:12

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-12375

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 21.45%

7 Day CHG~0.00%

Published-17 Feb, 2021 | 13:56

Updated-04 Aug, 2024 | 11:56

Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-12358

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-4.4||MEDIUM

EPSS-0.05% / 14.13%

7 Day CHG~0.00%

Published-09 Jun, 2021 | 18:50

Updated-04 Aug, 2024 | 11:56

Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Vendor-n/a NetApp, Inc.Intel Corporation Siemens AG

Product-xeon_platinum_8153 xeon_e3-1230_v5 xeon_e3-1558l_v5 xeon_w-3245m xeon_e5-4610_v4 xeon_e7-8894_v4 xeon_gold_6146 xeon_e5-2660_v3 core_i7-1068ng7 e-series_bios core_i7-1160g7 xeon_e5-1680_v3 xeon_d-1527 xeon_e5-2697_v4 xeon_gold_5115 xeon_platinum_8170 xeon_gold_6136 xeon_w-2125 core_i9-10940x xeon_e5-4610_v3 xeon_e5-4650_v4 xeon_e7-8880_v4 xeon_gold_6138 xeon_e5-1660_v4 simatic_ipc547g_firmware xeon_e7-8891_v4 xeon_platinum_8164 xeon_e-2226g xeon_e3-1280_v5 xeon_gold_6234 xeon_e5-2699r_v4 xeon_w-2255 xeon_d-1518 core_i7-11700 core_i7-6822eq core_i7-6700te xeon_e3-1501l_v6 xeon_gold_6262v core_i7-11370h xeon_e5-2683_v4 xeon_platinum_8168 core_i7-7600u xeon_e5-2608l_v4 xeon_e5-2640_v3 xeon_e-2224 xeon_gold_5218 xeon_e5-1620_v4 core_i7-11850h xeon_d-1567 xeon_e5-2630l_v3 xeon_e3-1505l_v6 xeon_e-2278ge xeon_e5-1607_v3 xeon_e5-4640_v4 xeon_gold_5117 xeon_gold_5122 xeon_w-2245 xeon_d-1587 xeon_e5-2699_v3 xeon_d-2191 xeon_gold_6248r core_i7-7820hk xeon_e5-2689_v4 xeon_e7-8870_v4 xeon_w-1290t core_i5-l16g7 xeon_gold_6240 core_i7-6970hq xeon_gold_6262 xeon_platinum_8156 xeon_e-2136 core_i7-10510u core_i7-1060g7 xeon_w-2265 xeon_e5-2667_v4 xeon_platinum_8274 xeon_w-10855m xeon_gold_6126f xeon_d-1539 xeon_e3-1535m_v5 xeon_e5-1680_v4 core_i7-7700 xeon_gold_5220r xeon_d-2146nt xeon_e3-1268l_v5 xeon_platinum_8160f xeon_e5-2658_v3 xeon_e5-4660_v4 core_i7-8750h xeon_e3-1501m_v6 xeon_gold_6250l xeon_gold_6210u xeon_d-2187nt xeon_platinum_8160m core_i7-10700f xeon_d-2166nt xeon_e3-1270_v6 xeon_e-2286m xeon_e3-1505m_v5 core_i7-10750h xeon_silver_4216 xeon_gold_6230 xeon_platinum_8253 xeon_e5-2630l_v4 xeon_w-2195 xeon_e5-4667_v4 xeon_e5-2628l_v4 xeon_e-2276g xeon_e5-2685_v3 xeon_w-1390 xeon_e-2186g xeon_d-2183it xeon_silver_4116t xeon_e-2174g xeon_e5-2630_v4 xeon_d-1622 core_i7-8809g xeon_e5-4667_v3 xeon_platinum_8160h core_i7-8700b xeon_e5-2643_v3 xeon_d-2145nt xeon_d-1581 xeon_e5-1650_v4 xeon_gold_6238 xeon_e5-2630_v3 xeon_w-1250p xeon_silver_4208 xeon_e3-1585_v5 xeon_w-2104 xeon_e5-2623_v4 core_i7-6560u xeon_w-2123 xeon_gold_5220s xeon_w-3275m xeon_platinum_9282 xeon_e5-2683_v3 core_i7-10700e xeon_silver_4108 xeon_gold_6130t xeon_silver_4210 core_i7-11700kf cloud_backup core_i7-10870h xeon_e7-8867_v4 xeon_bronze_3106 xeon_w-2102 xeon_e-2274g core_i7-10700k xeon_e-2278gel xeon_d-1540 xeon_e3-1280_v6 hci_compute_node_bios xeon_e5-2698_v4 xeon_platinum_8160t core_i7-11700k xeon_d-1528 xeon_silver_4214r core_i7-6500u xeon_e5-2697_v3 xeon_e5-4627_v4 xeon_e-2124 core_i7-10710u xeon_d-2141i core_i7-10700kf xeon_d-1541 xeon_e5-2660_v4 xeon_e7-4830_v4 xeon_w-1250te xeon_platinum_8268 xeon_platinum_8176m xeon_e-2276me core_i7-8565u xeon_gold_5222 xeon_e5-2687w_v4 xeon_e5-1603_v3 core_i7-7560u xeon_gold_5117f xeon_e3-1535m_v6 xeon_d-1548 xeon_d-1649n xeon_d-1529 xeon_platinum_9221 xeon_e3-1220_v5 xeon_platinum_8160 xeon_e5-2428l_v3 core_i7-6700hq xeon_e7-4809_v4 xeon_e5-4648_v3 xeon_gold_6122 xeon_silver_4123 xeon_gold_6148f xeon_gold_6132 bios xeon_e5-2618l_v4 xeon_w-2155 xeon_gold_6137 core_i7-7500u core_i7-8550u xeon_e-2224g xeon_w-2135 xeon_d-1623n xeon_w-2145 xeon_e-2226ge core_i7-6650u xeon_gold_6142 core_i7-10610u core_i7-8500y core_i7-7567u xeon_silver_4214 xeon_w-1390p xeon_d-2161i xeon_silver_4210r xeon_d-1632 core_i7-7820hq xeon_e3-1585l_v5 xeon_e5-2620_v3 xeon_e5-2670_v3 xeon_gold_5218b xeon_e5-2648l_v3 xeon_gold_6142m xeon_e5-2609_v3 xeon_e3-1275_v5 xeon_e5-2438l_v3 xeon_e3-1240_v5 xeon_e5-2650_v3 xeon_gold_6222 core_i7-6567u xeon_e5-2648l_v4 xeon_e5-4620_v4 xeon_e7-8855_v4 xeon_d-1513n xeon_d-1537 xeon_e3-1515m_v5 xeon_w-1290te xeon_e3-1225_v5 xeon_gold_6209u xeon_silver_4112 xeon_d-1559 xeon_w-3223 xeon_gold_5120t xeon_w-3175x xeon_gold_6134 xeon_gold_6162 xeon_e5-2628l_v3 xeon_e-2254me xeon_w-3235 core_i7-7y75 xeon_e5-4669_v3 xeon_w-2225 xeon_gold_6130h xeon_w-2133 core_i7-6700 xeon_d-1557 xeon_e5-4627_v3 xeon_e7-4850_v4 xeon_gold_6148 xeon_e3-1505m_v6 xeon_gold_6144 xeon_gold_6140m xeon_gold_5220t xeon_platinum_8276l xeon_w-2223 xeon_e5-2679_v4 core_i7-7700k core_i7-8705g xeon_e-2276m core_i7-8665u xeon_gold_6129 xeon_platinum_9222 xeon_gold_6230t core_i7-7660u core_i7-6600u core_i7-8706g xeon_gold_6126t core_i7-11700f xeon_platinum_8165 xeon_w-3225 xeon_gold_6135 xeon_e3-1565l_v5 xeon_e-2236 xeon_w-1370 core_i7-10850h xeon_e5-1603_v4 core_i7-1185gre xeon_e5-2408l_v3 core_i7-11375h xeon_e3-1240_v6 xeon_d-1573n core_i7-8700 core_i7-7700t core_i7-10700t xeon_e5-1630_v4 xeon_e5-4660_v3 xeon_gold_6246 core_i7-8086k xeon_w-2295 core_i7-6770hq core_i7-8700k xeon_e5-2603_v3 fas_bios xeon_e-2134 xeon_e5-2667_v3 xeon_gold_5215 xeon_e5-4655_v3 xeon_d-2143it xeon_d-2163it xeon_e5-2699_v4 xeon_e3-1285_v6 xeon_w-1390t xeon_w-1270 xeon_e3-1225_v6 xeon_platinum_8284 xeon_silver_4109t core_i7-10510y xeon_e3-1240l_v5 xeon_e5-2690_v3 xeon_e5-4655_v4 xeon_gold_5215l xeon_silver_4215r xeon_e5-2658_v4 xeon_gold_6138f core_i7-11800h xeon_e5-1630_v3 xeon_silver_4210t xeon_e5-2680_v3 xeon_gold_6212u xeon_e3-1205_v6 core_i7-7700hq xeon_w-1270te xeon_silver_4114 xeon_e5-2698_v3 core_i7-6498du xeon_e3-1245_v5 core_i7-6870hq xeon_gold_6258r xeon_bronze_3104 xeon_d-1571 xeon_gold_6240l xeon_gold_6238l xeon_e5-2637_v3 xeon_e5-1620_v3 xeon_gold_6250 xeon_d-2173it core_i7-11700t xeon_w-11855m xeon_d-2123it xeon_gold_5219y xeon_e-2246g xeon_w-3265m xeon_d-1627 xeon_e5-2637_v4 xeon_e5-2687w_v3 xeon_d-1602 xeon_e7-8890_v4 xeon_e5-2680_v4 xeon_gold_5218t xeon_e5-2697a_v4 xeon_gold_6150 xeon_gold_6140 xeon_e5-2690_v4 xeon_e5-2609_v4 core_i7-7920hq xeon_platinum_8174 xeon_d-1612 xeon_e-2254ml xeon_e3-1545m_v5 core_i7-10700 core_i9-10920x xeon_e3-1578l_v5 core_i7-6660u xeon_e3-1270_v5 xeon_gold_6126 xeon_e3-1260l_v5 xeon_w-1250e xeon_e5-2643_v4 xeon_d-1563n xeon_e5-2699a_v4 core_i7-10875h xeon_e-2276ml xeon_e-2244g xeon_e-2176g xeon_gold_6142f core_i3-l13g4 core_i7-8709g xeon_e5-4650_v3 xeon_e5-2650l_v4 xeon_gold_6130 xeon_e-2104g xeon_platinum_8260 core_i7-8557u simatic_ipc547g core_i7-8700t xeon_platinum_9242 core_i7-6820hq xeon_platinum_8280l xeon_silver_4110 core_i7-8650u xeon_bronze_3204 xeon_gold_5119t core_i7-1180g7 core_i7-6700t core_i7-6920hq xeon_gold_6246r xeon_e3-1230_v6 xeon_gold_5217 xeon_gold_6230n xeon_gold_6143 xeon_w-3265 xeon_gold_5218n xeon_e5-2620_v4 xeon_gold_6138t xeon_w-3245 xeon_gold_5120 core_i7-1185g7 core_i7-1195g7 xeon_e-2124g core_i7-1165g7 xeon_e5-2618l_v3 xeon_d-1523n xeon_e5-2608l_v3 core_i7-10700te xeon_e-2288g xeon_d-1653n xeon_gold_5220 xeon_e-2234 xeon_d-1577 xeon_d-1637 xeon_gold_6254 xeon_gold_6269y xeon_silver_4114t core_i7-6700k xeon_gold_6240y xeon_e5-4669_v4 aff_bios xeon_gold_6154 xeon_w-1250 xeon_e5-2640_v4 hci_storage_node_bios xeon_gold_6208u xeon_e7-8893_v4 xeon_w-1290e xeon_e5-1650_v3 xeon_w-3275 core_i7-11700b xeon_d-1553n xeon_e-2126g xeon_silver_4209t xeon_e5-4620_v3 xeon_silver_4116 xeon_w-1270e xeon_d-1633n core_i7-7820eq xeon_gold_6252n xeon_e7-4820_v4 xeon_gold_6244 xeon_e5-2695_v3 xeon_gold_6248 xeon_e3-1220_v6 xeon_w-1370p xeon_platinum_8280 xeon_e-2186m xeon_e5-1660_v3 xeon_d-1520 xeon_e-2176m core_i7-6785r core_i7-6820hk xeon_platinum_8256 xeon_gold_6152 core_i7-1060ng7 xeon_e5-2623_v3 xeon_platinum_8158 xeon_e5-2658a_v3 xeon_e5-2418l_v3 xeon_w-1290p xeon_e-2286g xeon_gold_6222v xeon_platinum_8176 xeon_gold_6242 xeon_e3-1275_v6 xeon_d-1531 core_i7-10810u xeon_e3-1575m_v5 xeon_e-2278g xeon_e5-2650_v4 xeon_platinum_8260y xeon_e3-1505l_v5 xeon_platinum_8270 xeon_d-1533n xeon_gold_6242r xeon_e3-1245_v6 xeon_gold_6128 xeon_silver_4215 xeon_d-2142it xeon_platinum_8180m core_i7-8850h xeon_gold_5118 xeon_w-2235 xeon_e5-2695_v4 xeon_gold_6130f xeon_w-11955m core_i7-6820eq xeon_gold_6134m core_i9-10900x xeon_platinum_8276 xeon_gold_6238t xeon_e3-1235l_v5 xeon_silver_4214y xeon_e5-2603_v4 core_i9-10980xe xeon_e5-4628l_v4 xeon_e7-8860_v4 xeon_w-1350 xeon_silver_4106h xeon_gold_6138p core_i7-8665ue xeon_w-1290 xeon_platinum_8176f xeon_d-1524n solidfire_bios xeon_gold_6240r xeon_w-10885m xeon_w-2275 xeon_d-1543n xeon_gold_6226 xeon_e-2144g xeon_gold_6256 xeon_d-1521 xeon_w-1350p xeon_gold_6230r core_i7-8569u xeon_gold_6252 xeon_e5-4640_v3 core_i7-1185g7e xeon_gold_5218r xeon_gold_6226r xeon_bronze_3206r xeon_e5-1607_v4 core_i7-1065g7 xeon_platinum_8260l xeon_e5-1428l_v3 core_i7-8559u xeon_platinum_8170m xeon_e-2146g xeon_platinum_8180 xeon_d-2177nt xeon_e5-2650l_v3 xeon_w-2175 Intel(R) Processors

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-12386

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 15.59%

7 Day CHG~0.00%

Published-17 Feb, 2021 | 13:52

Updated-04 Aug, 2024 | 11:56

Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access.

Vendor-n/a Intel Corporation

Product-graphics_drivers Intel(R) Graphics Drivers

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-12369

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-7.8||HIGH

EPSS-0.06% / 17.88%

7 Day CHG~0.00%

Published-17 Feb, 2021 | 13:50

Updated-04 Aug, 2024 | 11:56

Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-n/a Intel Corporation

Product-graphics_drivers Intel(R) Graphics Drivers

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-3491

Matching Score-4

Assigner-Canonical Ltd.

View Details

Matching Score-4

Assigner-Canonical Ltd.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.56%

7 Day CHG~0.00%

Published-04 Jun, 2021 | 01:40

Updated-16 Sep, 2024 | 22:09

Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b ("io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c ("io_uring: add IORING_OP_PROVIDE_BUFFERS") (v5.7-rc1).

Vendor-Linux Kernel Organization, Inc Canonical Ltd.

Product-ubuntu_linux linux_kernel Linux kernel

CWE ID-CWE-131

Incorrect Calculation of Buffer Size

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-22045

Matching Score-4

Assigner-VMware by Broadcom

View Details

Matching Score-4

Assigner-VMware by Broadcom

CVSS Score-7.8||HIGH

EPSS-2.14% / 83.98%

7 Day CHG~0.00%

Published-04 Jan, 2022 | 21:39

Updated-03 Aug, 2024 | 18:30

VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.

Vendor-n/a Apple Inc.VMware (Broadcom Inc.)

Product-workstation mac_os_x fusion esxi cloud_foundation VMware ESXi, VMware Workstation and VMware Fusion

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-9419

Matching Score-4

Assigner-HP Inc.

View Details

Matching Score-4

Assigner-HP Inc.

CVSS Score-7.8||HIGH

EPSS-3.37% / 87.19%

7 Day CHG~0.00%

Published-30 Oct, 2024 | 17:25

Updated-26 Jan, 2026 | 18:00

Certain HP Print Products–Potential Remote Code Execution and/or Elevation of Privilege with the HP Smart Universal Printing Driver

Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.

Vendor-HP Inc.

Product-smart_universal_printing_driver HP Smart Universal Printing Driver smart_universal_printing_driver

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-3600

Matching Score-4

Assigner-Canonical Ltd.

View Details

Matching Score-4

Assigner-Canonical Ltd.

CVSS Score-7.8||HIGH

EPSS-0.16% / 37.08%

7 Day CHG~0.00%

Published-08 Jan, 2024 | 18:16

Updated-04 Sep, 2024 | 16:35

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.

Vendor-Red Hat, Inc.Linux Kernel Organization, Inc Canonical Ltd.Fedora Project

Product-ubuntu_linux fedora linux_kernel enterprise_linux linux

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-125

Out-of-bounds Read

CVE-2021-3489

Matching Score-4

Assigner-Canonical Ltd.

View Details

Matching Score-4

Assigner-Canonical Ltd.

CVSS Score-7.8||HIGH

EPSS-0.08% / 22.82%

7 Day CHG~0.00%

Published-04 Jun, 2021 | 01:40

Updated-16 Sep, 2024 | 20:21

Linux kernel eBPF RINGBUF map oversized allocation

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).

Vendor-Linux Kernel Organization, Inc Canonical Ltd.

Product-ubuntu_linux linux_kernel Linux kernel

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2021-3490

Matching Score-4

Assigner-Canonical Ltd.

View Details

Matching Score-4

Assigner-Canonical Ltd.

CVSS Score-7.8||HIGH

EPSS-3.70% / 87.78%

7 Day CHG~0.00%

Published-04 Jun, 2021 | 01:40

Updated-16 Sep, 2024 | 22:29

Linux kernel eBPF bitwise ops ALU32 bounds tracking

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).

Vendor-Linux Kernel Organization, Inc Canonical Ltd.

Product-ubuntu_linux linux_kernel Linux kernel

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-125

Out-of-bounds Read

CVE-2021-21703

Matching Score-4

Assigner-PHP Group

View Details

Matching Score-4

Assigner-PHP Group

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.01%

7 Day CHG~0.00%

Published-25 Oct, 2021 | 05:40

Updated-17 Sep, 2024 | 03:02

PHP-FPM memory access in root process leading to privilege escalation

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

Vendor-NetApp, Inc.Oracle Corporation Fedora Project Debian GNU/Linux The PHP Group

Product-communications_diameter_signaling_router clustered_data_ontap php debian_linux fedora PHP

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-284

Improper Access Control

CVE-2020-8835

Matching Score-4

Assigner-Canonical Ltd.

View Details

Matching Score-4

Assigner-Canonical Ltd.

CVSS Score-7.8||HIGH

EPSS-26.55% / 96.25%

7 Day CHG~0.00%

Published-02 Apr, 2020 | 18:00

Updated-17 Sep, 2024 | 02:15

Linux kernel bpf verifier vulnerability

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)

Vendor-Linux kernel NetApp, Inc.Fedora Project Linux Kernel Organization, Inc Canonical Ltd.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-125

Out-of-bounds Read

CVE-2025-27713

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs