Filtered by vendor Intel
Subscribe
Total
1542 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-21140 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2022-21139 | 1 Intel | 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more | 2024-11-21 | N/A | 8.8 HIGH |
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
CVE-2022-21136 | 1 Intel | 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. | |||||
CVE-2022-21133 | 1 Intel | 1 Trace Analyzer And Collector | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2022-21131 | 1 Intel | 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2022-21128 | 1 Intel | 1 Advisor | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-21127 | 2 Intel, Xen | 4 Sgx Dcap, Sgx Psw, Sgx Sdk and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2022-21125 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2022-21123 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2022-0005 | 1 Intel | 918 Celeron G5205u, Celeron G5205u Firmware, Celeron G5305u and 915 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | |||||
CVE-2022-0004 | 1 Intel | 796 Atom P5921b, Atom P5921b Firmware, Atom P5931b and 793 more | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
CVE-2022-0002 | 2 Intel, Oracle | 504 Atom C3308, Atom C3336, Atom C3338 and 501 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||||
CVE-2022-0001 | 2 Intel, Oracle | 458 Atom P5921b, Atom P5931b, Atom P5942b and 455 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |||||
CVE-2021-46748 | 2 Amd, Intel | 123 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 120 more | 2024-11-21 | N/A | 5.5 MEDIUM |
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service. | |||||
CVE-2021-45046 | 7 Apache, Cvat, Debian and 4 more | 61 Log4j, Computer Vision Annotation Tool, Debian Linux and 58 more | 2024-11-21 | 5.1 MEDIUM | 9.0 CRITICAL |
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default. | |||||
CVE-2021-44545 | 1 Intel | 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more | 2024-11-21 | N/A | 6.5 MEDIUM |
Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2021-44470 | 1 Intel | 1 Connect M | 2024-11-21 | N/A | 5.5 MEDIUM |
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2021-44454 | 1 Intel | 1 Quartus Prime | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-44228 | 12 Apache, Apple, Bentley and 9 more | 157 Log4j, Xcode, Synchro and 154 more | 2024-11-21 | 9.3 HIGH | 10.0 CRITICAL |
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | |||||
CVE-2021-37409 | 1 Intel | 26 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 23 more | 2024-11-21 | N/A | 7.8 HIGH |
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. |