Filtered by vendor Intel
Subscribe
Total
1512 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-2536 | 2 Intel, Mcafee | 3 Expressway Cloud Access 360, Cloud Identity Manager, Cloud Single Sign On | 2024-02-04 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors. | |||||
CVE-2014-8272 | 2 Dell, Intel | 4 Idrac6 Modular, Idrac6 Monolithic, Idrac7 and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. | |||||
CVE-2014-3735 | 1 Intel | 1 Indeo Video | 2024-02-04 | 4.3 MEDIUM | N/A |
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file. | |||||
CVE-2011-5174 | 1 Intel | 20 3450 Chipset, 5500 Chipset, 5520 Chipset and 17 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset before i5_i7_DUAL_SINIT_51.BIN and i7_QUAD_SINIT_51.BIN; Mobile Intel GM45, GS45, and PM45 Express Chipset before GM45_GS45_PM45_SINIT_51.BIN; Intel Q35 Express Chipsets before Q35_SINIT_51.BIN; and Intel 5520, 5500, X58, and 7500 Chipsets before SINIT ACM 1.1 allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. | |||||
CVE-2013-4218 | 1 Intel | 1 Wimax Network Service | 2024-02-04 | 2.1 LOW | N/A |
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations. | |||||
CVE-2010-5269 | 1 Intel | 1 Threading Building Blocks | 2024-02-04 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2013-5740 | 1 Intel | 10 C202 Chipset, C204 Chipset, C206 Chipset and 7 more | 2024-02-04 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. | |||||
CVE-2013-4786 | 2 Intel, Oracle | 2 Intelligent Platform Management Interface, Fujitsu M10 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. | |||||
CVE-2012-6459 | 2 Intel, Linux | 2 Connman, Tizen | 2024-02-04 | 4.3 MEDIUM | N/A |
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. | |||||
CVE-2013-4217 | 1 Intel | 1 Wimax Network Service | 2024-02-04 | 2.1 LOW | N/A |
The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file. | |||||
CVE-2013-4216 | 1 Intel | 1 Wimax Network Service | 2024-02-04 | 2.1 LOW | N/A |
The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file. | |||||
CVE-2013-4219 | 1 Intel | 1 Wimax Network Service | 2024-02-04 | 7.5 HIGH | N/A |
Multiple integer overflows in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices allow remote attackers to cause a denial of service (component crash) or possibly execute arbitrary code via an L5 connection with a crafted PDU value that triggers a heap-based buffer overflow within (1) L5SocketsDispatcher.c or (2) L5Connector.c. | |||||
CVE-2011-2604 | 2 Intel, Microsoft | 2 G41 Driver, Windows Xp | 2024-02-04 | 7.1 HIGH | N/A |
The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. | |||||
CVE-2010-3268 | 3 Intel, Microsoft, Symantec | 4 Intel Alert Management System, Windows 2000, Antivirus and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request. | |||||
CVE-2009-4419 | 1 Intel | 5 Gm45 Chipset, Pm45 Express Chipset, Q35 Chipset and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded. | |||||
CVE-2010-0560 | 1 Intel | 1 Intel Desktop Board | 2024-02-04 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, DH, DP, and DQ Series allows local administrators to execute arbitrary code in System Management Mode (SSM) via unknown attack vectors. | |||||
CVE-2009-0066 | 1 Intel | 1 Trusted Execution Technology | 2024-02-04 | 7.6 HIGH | N/A |
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2009-1385 | 2 Intel, Linux | 3 E1000, Kernel, Linux Kernel | 2024-02-04 | 7.8 HIGH | N/A |
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. | |||||
CVE-2008-3635 | 3 Apple, Intel, Microsoft | 5 Quicktime, Indeo, Windows-nt and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | |||||
CVE-2008-3900 | 1 Intel | 1 Bios | 2024-02-04 | 2.1 LOW | N/A |
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. |