Intel Intel

Do you want an email whenever new security vulnerabilities are reported in any Intel product?

Products by Intel Sorted by Most Security Vulnerabilities since 2018

Intel Graphics Driver50 vulnerabilities

Intel Core I5 10310y19 vulnerabilities

Intel Core I7 10510u19 vulnerabilities

Intel Core I5 10210y19 vulnerabilities

Intel Core I7 10700k19 vulnerabilities

Intel Core I5 10210u19 vulnerabilities

Intel Core I7 10510y19 vulnerabilities

Intel Core I5 1035g118 vulnerabilities

Intel Core I5 1145g718 vulnerabilities

Intel Core I5 11260h18 vulnerabilities

Intel Core I5 11600k18 vulnerabilities

Intel Core I7 11375h18 vulnerabilities

Intel Core I7 11700k18 vulnerabilities

Intel Core I5 1135g718 vulnerabilities

Intel Core I7 8665u18 vulnerabilities

Intel Core I9 11900f18 vulnerabilities

Intel Core I5 11600kf18 vulnerabilities

Intel Core I7 1185g718 vulnerabilities

Intel Core I7 7700k18 vulnerabilities

Intel Core I9 11900h18 vulnerabilities

Intel Core I5 1030g418 vulnerabilities

Intel Core I5 1140018 vulnerabilities

Intel Core I5 11400f18 vulnerabilities

Intel Core I5 11400h18 vulnerabilities

Intel Core I5 11400t18 vulnerabilities

Intel Core I9 11950h18 vulnerabilities

Intel Core I7 1160g718 vulnerabilities

Intel Core I9 11900t18 vulnerabilities

Intel Core I7 11850h18 vulnerabilities

Intel Core I7 11700kf18 vulnerabilities

Intel Core I5 11300h18 vulnerabilities

Intel Core I5 11320h18 vulnerabilities

Intel Core I5 1130g718 vulnerabilities

Intel Core I7 1065g718 vulnerabilities

Intel Core I7 1185g7e18 vulnerabilities

Intel Core I5 1145gre18 vulnerabilities

Intel Xeon Bronze 310618 vulnerabilities

Intel Core I9 11980hk18 vulnerabilities

Intel Core I7 1185gre18 vulnerabilities

Intel Core I5 1035g718 vulnerabilities

Intel Core I5 1140g718 vulnerabilities

Intel Core I5 11500t18 vulnerabilities

Intel Core I7 11700f18 vulnerabilities

Intel Core I5 1035g418 vulnerabilities

Intel Core I7 10710u18 vulnerabilities

Intel Core I5 1160018 vulnerabilities

Intel Core I5 1145g7e18 vulnerabilities

Intel Core I7 1060g718 vulnerabilities

Intel Core I7 11370h18 vulnerabilities

Intel Data Center Manager18 vulnerabilities

Intel Core I7 1180g718 vulnerabilities

Intel Core I7 1170018 vulnerabilities

Intel Core I5 11600t18 vulnerabilities

Intel Core I9 11900k18 vulnerabilities

Intel Core I5 1150018 vulnerabilities

Intel Core I5 1155g718 vulnerabilities

Intel Core I5 1030g718 vulnerabilities

Intel Core I7 11800h18 vulnerabilities

Intel Core I9 11900kf18 vulnerabilities

Intel Core I7 1165g718 vulnerabilities

Intel Core I5 11500h18 vulnerabilities

Intel Core I7 8565u18 vulnerabilities

Intel Core I9 1190018 vulnerabilities

Intel Core I7 11390h18 vulnerabilities

Intel Core I7 1195g718 vulnerabilities

Intel Xeon Bronze 310418 vulnerabilities

Intel Core I7 8500y18 vulnerabilities

Intel Core I7 11700t18 vulnerabilities

Intel Core I7 10700t17 vulnerabilities

Intel Core I7 10810u17 vulnerabilities

Intel Core I7 10750h17 vulnerabilities

Intel Core I9 10900te17 vulnerabilities

Intel Core I9 1090017 vulnerabilities

Intel Core I5 10400h17 vulnerabilities

Intel Core I7 7740x17 vulnerabilities

Intel Core I5 10500t17 vulnerabilities

Intel Core I5 10500te17 vulnerabilities

Intel Core I5 1050517 vulnerabilities

Intel Core I5 1060017 vulnerabilities

Intel Core I5 10600k17 vulnerabilities

Intel Core I5 10600kf17 vulnerabilities

Intel Core I5 10600t17 vulnerabilities

Intel Core I9 10900e17 vulnerabilities

Intel Core I7 11850he17 vulnerabilities

Intel Core I9 10900kf17 vulnerabilities

Intel Core I9 10900f17 vulnerabilities

Intel Core I9 10980hk17 vulnerabilities

Intel Core I9 10900k17 vulnerabilities

Intel Core I7 10700f17 vulnerabilities

Intel Core I7 10700kf17 vulnerabilities

Intel Core I7 10875h17 vulnerabilities

Intel Core I9 10850k17 vulnerabilities

Intel Core I5 10200h17 vulnerabilities

Intel Core I7 10850h17 vulnerabilities

Intel Core I7 10870h17 vulnerabilities

Intel Core I9 10900t17 vulnerabilities

Intel Core I9 10885h17 vulnerabilities

@intel Tweets

Here’s a rising star �� to celebrate on #InternationalWomeninEngineeringDay. @KrishaWaghela, a student in our… https://t.co/ls9O056yGe
Thu Jun 23 15:00:24 +0000 2022

He's a 10 but he codes so 10101. ��‍��
Tue Jun 21 21:26:41 +0000 2022

Technology has the potential to solve complex challenges – See how @NithyaRamanath1 developed portable sensors to m… https://t.co/bxn5Oxz8yN
Tue Jun 21 16:03:00 +0000 2022

The fastest show on dirt! @PurdueBaseball is using our 3DAT visualization technology to help players identify techn… https://t.co/T8YlHbgjGk
Mon Jun 20 20:03:00 +0000 2022

Filmmakers like Anton Lorimer need laptops and editing systems to be able to keep up so that their ideas and creati… https://t.co/az7UgqyV3j
Mon Jun 20 17:00:31 +0000 2022

By the Year

In 2022 there have been 48 vulnerabilities in Intel with an average score of 6.6 out of ten. Last year Intel had 49 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Intel in 2022 could surpass last years number. Last year, the average CVE base score was greater by 0.57

Year Vulnerabilities Average Score
2022 48 6.61
2021 49 7.18
2020 114 6.92
2019 150 6.54
2018 72 6.65

It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Intel Security Vulnerabilities

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may

CVE-2022-21125 5.5 - Medium - June 15, 2022

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Insufficient Cleanup

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may

CVE-2022-21127 5.5 - Medium - June 15, 2022

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Insufficient Cleanup

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may

CVE-2022-21123 5.5 - Medium - June 15, 2022

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Insufficient Cleanup

Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may

CVE-2021-33135 5.5 - Medium - May 12, 2022

Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.

Resource Exhaustion

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may

CVE-2022-21128 7.8 - High - May 12, 2022

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Privilege Management

Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may

CVE-2022-22139 7.3 - High - May 12, 2022

Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may

CVE-2021-33108 6.7 - Medium - May 12, 2022

Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Improper input validation for the Intel(R) Manageability Commander before version 2.2 may

CVE-2021-0126 8 - High - May 12, 2022

Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Improper Input Validation

Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may

CVE-2021-0194 7.2 - High - May 12, 2022

Improper access control in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access.

authentification

Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may

CVE-2021-26258 7.8 - High - May 12, 2022

Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.

AuthZ

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege

CVE-2021-33150 6.8 - Medium - March 11, 2022

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may

CVE-2022-0001 6.5 - Medium - March 11, 2022

Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may

CVE-2022-0002 6.5 - Medium - March 11, 2022

Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Improper access control in the firmware for some Intel(R) Processors may

CVE-2021-0091 7.8 - High - February 09, 2022

Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.

Improper Privilege Management

Improper access control in the firmware for some Intel(R) Processors may

CVE-2021-0092 4.4 - Medium - February 09, 2022

Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.

Resource Exhaustion

Incorrect default permissions in the firmware for some Intel(R) Processors may

CVE-2021-0093 4.4 - Medium - February 09, 2022

Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.

Incorrect Default Permissions

Insufficient control flow management in the firmware for some Intel(R) Processors may

CVE-2021-0099 7.8 - High - February 09, 2022

Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

Improper Privilege Management

Insufficient control flow management in the firmware for some Intel(R) Processors may

CVE-2021-0103 6.7 - Medium - February 09, 2022

Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Improper Privilege Management

Unchecked return value in the firmware for some Intel(R) Processors may

CVE-2021-0107 6.7 - Medium - February 09, 2022

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Unchecked Return Value

NULL pointer dereference in the firmware for some Intel(R) Processors may

CVE-2021-0111 6.7 - Medium - February 09, 2022

NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

NULL Pointer Dereference

Buffer overflow in the firmware for some Intel(R) Processors may

CVE-2021-0115 6.7 - Medium - February 09, 2022

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Classic Buffer Overflow

Improper access control in the Intel(R) Capital Global Summit Android application may

CVE-2022-21153 5.5 - Medium - February 09, 2022

Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access.

AuthZ

Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may

CVE-2022-21157 5.5 - Medium - February 09, 2022

Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.

AuthZ

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may

CVE-2022-21174 7.8 - High - February 09, 2022

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

AuthZ

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may

CVE-2021-33107 4.6 - Medium - February 09, 2022

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.

Insufficiently Protected Credentials

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may

CVE-2021-44454 7.8 - High - February 09, 2022

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Input Validation

Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may

CVE-2022-21203 7.8 - High - February 09, 2022

Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Preservation of Permissions

Insufficient control flow management in some Intel(R) Processors may

CVE-2021-0127 5.5 - Medium - February 09, 2022

Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.

Improper initialization of shared resources in some Intel(R) Processors may

CVE-2021-0145 5.5 - Medium - February 09, 2022

Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Improper Initialization

Improper locking in the Power Management Controller (PMC) for some Intel Chipset firmware before versions pmc_fw_lbg_c1-21ww02a and pmc_fw_lbg_b0-21ww02a may

CVE-2021-0147 4.4 - Medium - February 09, 2022

Improper locking in the Power Management Controller (PMC) for some Intel Chipset firmware before versions pmc_fw_lbg_c1-21ww02a and pmc_fw_lbg_b0-21ww02a may allow a privileged user to potentially enable denial of service via local access.

Improper Synchronization

Out-of-bounds write in the Intel(R) Kernelflinger project may

CVE-2021-33137 7.8 - High - February 09, 2022

Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.

Memory Corruption

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may

CVE-2022-21204 7.8 - High - February 09, 2022

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may

CVE-2022-21205 7.5 - High - February 09, 2022

Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.

XXE

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may

CVE-2022-21220 7.8 - High - February 09, 2022

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

XXE

Improper access control in the Intel(R) Advisor software before version 2021.2 may

CVE-2021-23152 7.8 - High - February 09, 2022

Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

AuthZ

Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may

CVE-2021-33068 6.5 - Medium - February 09, 2022

Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access.

NULL Pointer Dereference

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may

CVE-2021-33101 7.8 - High - February 09, 2022

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may

CVE-2021-33119 5.5 - Medium - February 09, 2022

Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.

AuthZ

Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may

CVE-2021-33129 7.8 - High - February 09, 2022

Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may

CVE-2022-21218 5.5 - Medium - February 09, 2022

Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

Improper Handling of Exceptional Conditions

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may

CVE-2022-21226 5.5 - Medium - February 09, 2022

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

Out-of-bounds Read

Improper conditions check in the Intel(R) IPP Crypto library before version 2021.2 may

CVE-2021-33147 5.5 - Medium - February 09, 2022

Improper conditions check in the Intel(R) IPP Crypto library before version 2021.2 may allow an authenticated user to potentially enable information disclosure via local access.

Improper Check for Unusual or Exceptional Conditions

Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may

CVE-2021-33166 5.5 - Medium - February 09, 2022

Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access.

Incorrect Default Permissions

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may

CVE-2022-21133 5.5 - Medium - February 09, 2022

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

Out-of-bounds Read

Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may

CVE-2022-21156 5.5 - Medium - February 09, 2022

Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

Access of Uninitialized Pointer

An issue was discovered in the DNS proxy in Connman through 1.40

CVE-2022-23096 9.1 - Critical - January 28, 2022

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.

Out-of-bounds Read

An issue was discovered in the DNS proxy in Connman through 1.40

CVE-2022-23098 7.5 - High - January 28, 2022

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.

Infinite Loop

An issue was discovered in the DNS proxy in Connman through 1.40

CVE-2022-23097 9.1 - Critical - January 28, 2022

An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.

Out-of-bounds Read

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations

CVE-2021-45046 9 - Critical - December 14, 2021

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.

Marshaling, Unmarshaling

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2

CVE-2021-44228 10 - Critical - December 10, 2021

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Marshaling, Unmarshaling

Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Windows before version 1.4.0.15, may

CVE-2021-33059 6.7 - Medium - November 17, 2021

Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Incorrect default permissions in the software installer for the Intel(R) VTune(TM) Profiler before version 2021.3.0 may

CVE-2021-33062 7.8 - High - November 17, 2021

Incorrect default permissions in the software installer for the Intel(R) VTune(TM) Profiler before version 2021.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may

CVE-2021-33071 7.8 - High - November 17, 2021

Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Improper input validation in the Intel(R) Ethernet Diagnostic Driver for Windows before version 1.4.0.10 may

CVE-2021-0135 6.7 - Medium - November 17, 2021

Improper input validation in the Intel(R) Ethernet Diagnostic Driver for Windows before version 1.4.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Improper permissions in the installer for the Intel(R) Thunderbolt(TM) non-DCH driver, all versions, for Windows may

CVE-2020-8741 7.8 - High - November 17, 2021

Improper permissions in the installer for the Intel(R) Thunderbolt(TM) non-DCH driver, all versions, for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Improper input validation for Intel(R) EMA before version 1.5.0 may

CVE-2021-0013 7.5 - High - November 17, 2021

Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access.

Improper Input Validation

Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may

CVE-2021-0186 6.7 - Medium - November 17, 2021

Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.

Improper Input Validation

Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may

CVE-2021-33118 7.8 - High - November 17, 2021

Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

AuthZ

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may

CVE-2021-0157 6.7 - Medium - November 17, 2021

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Improper input validation in the BIOS firmware for some Intel(R) Processors may

CVE-2021-0158 6.7 - Medium - November 17, 2021

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may

CVE-2021-0180 8.4 - High - November 17, 2021

Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may allow an unauthenticated user to potentially enable privilege escalation via local access.

Resource Exhaustion

Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may

CVE-2021-0182 6.2 - Medium - November 17, 2021

Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may allow an unauthenticated user to potentially enable information disclosure via local access.

Resource Exhaustion

Uncontrolled resource consumption in the Intel(R) Distribution of OpenVINO⢠Toolkit before version 2021.4 may

CVE-2021-33073 5.5 - Medium - November 17, 2021

Uncontrolled resource consumption in the Intel(R) Distribution of OpenVINO⢠Toolkit before version 2021.4 may allow an unauthenticated user to potentially enable denial of service via local access.

Resource Exhaustion

Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may

CVE-2021-33097 6.6 - Medium - November 17, 2021

Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access.

TOCTTOU

Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windowsbefore version 1.4.0.21 may

CVE-2021-33058 7.8 - High - November 17, 2021

Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

AuthZ

Integer overflow in the Safestring library maintained by Intel(R) may

CVE-2021-33106 7.8 - High - November 17, 2021

Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Integer Overflow or Wraparound

Unchecked return value in the firmware for some Intel(R) Processors may

CVE-2021-0114 6.7 - Medium - August 16, 2021

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Insecure Default Initialization of Resource

Insecure default variable initialization for the Intel BSSA DFT feature may

CVE-2021-0144 6.7 - Medium - July 14, 2021

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.

Insecure Default Initialization of Resource

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may

CVE-2021-0143 7.8 - High - June 17, 2021

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may

CVE-2021-0094 7.8 - High - June 09, 2021

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.

insecure temporary file

Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may

CVE-2021-0098 7.8 - High - June 09, 2021

Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Improper Privilege Management

Incomplete cleanup in some Intel(R) VT-d products may

CVE-2020-24489 8.8 - High - June 09, 2021

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.

Insufficient Cleanup

Observable response discrepancy in floating-point operations for some Intel(R) Processors may

CVE-2021-0086 6.5 - Medium - June 09, 2021

Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Side Channel Attack

Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may

CVE-2021-0102 7.8 - High - June 09, 2021

Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may

CVE-2021-0108 7.3 - High - June 09, 2021

Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

DLL preloading

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may

CVE-2021-0001 4.7 - Medium - June 09, 2021

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.

Side Channel Attack

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may

CVE-2021-0077 7.8 - High - June 09, 2021

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may

CVE-2021-0104 7.8 - High - June 09, 2021

Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may

CVE-2021-0052 7.8 - High - June 09, 2021

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Improper Privilege Management

Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may

CVE-2021-0074 7.8 - High - June 09, 2021

Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Preservation of Permissions

Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may

CVE-2021-0073 7.8 - High - June 09, 2021

Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may

CVE-2021-0090 7.3 - High - June 09, 2021

Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.

DLL preloading

Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may

CVE-2021-0112 7.3 - High - June 09, 2021

Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Unquoted Search Path or Element

Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may

CVE-2021-0100 7.8 - High - June 09, 2021

Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may

CVE-2020-8704 6.4 - Medium - June 09, 2021

Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Race Condition

Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may

CVE-2020-24509 6.7 - Medium - June 09, 2021

Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may

CVE-2020-8702 7.3 - High - June 09, 2021

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Observable timing discrepancy in some Intel(R) Processors may

CVE-2020-24512 3.3 - Low - June 09, 2021

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Side Channel Attack

Improper isolation of shared resources in some Intel(R) Processors may

CVE-2020-24511 6.5 - Medium - June 09, 2021

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of Resource to Wrong Sphere

Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may

CVE-2020-24513 6.5 - Medium - June 09, 2021

Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c

CVE-2021-33833 9.8 - Critical - June 09, 2021

ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).

Memory Corruption

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data

CVE-2021-26314 5.5 - Medium - June 09, 2021

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.

Exposure of Resource to Wrong Sphere

Potential speculative code store bypass in all supported CPU products

CVE-2021-26313 5.5 - Medium - June 09, 2021

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.

Exposure of Resource to Wrong Sphere

Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may

CVE-2020-24485 7.8 - High - February 17, 2021

Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may

CVE-2020-24480 4.4 - Medium - February 17, 2021

Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.

Memory Corruption

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

CVE-2021-26675 8.8 - High - February 09, 2021

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

Memory Corruption

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information

CVE-2021-26676 6.5 - Medium - February 09, 2021

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.

Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may

CVE-2020-12338 9.8 - Critical - November 13, 2020

Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may

CVE-2020-12327 4.4 - Medium - November 12, 2020

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.

Insecure Default Initialization of Resource

Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may

CVE-2020-8669 6.5 - Medium - November 12, 2020

Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.

Improper Input Validation

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.