Vulnerabilities > Intel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-08 | CVE-2016-8104 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Proset/Wireless Software and Drivers 19.20.0 Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. | 5.5 |
| 2016-12-08 | CVE-2016-8103 | Permissions, Privileges, and Access Controls vulnerability in Intel products SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. | 6.7 |
| 2016-12-08 | CVE-2016-8102 | Permissions, Privileges, and Access Controls vulnerability in Intel Wireless Bluetooth Drivers Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. | 7.8 |
| 2016-10-10 | CVE-2016-8101 | Permissions, Privileges, and Access Controls vulnerability in Intel Solid-State Drive Toolbox 1.0/3.3.6 The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors. | 7.8 |
| 2016-10-10 | CVE-2016-8100 | Information Exposure vulnerability in Intel Integrated Performance Primitives 9.0/9.0.3 Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack. | 5.5 |
| 2016-08-01 | CVE-2016-5672 | Improper Input Validation vulnerability in Intel Crosswalk 19.49.514.4 Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate. | 8.1 |
| 2016-03-26 | CVE-2016-1349 | Resource Management Errors vulnerability in multiple products The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | 7.5 |
| 2016-01-29 | CVE-2016-1493 | Insufficient Verification of Data Authenticity vulnerability in Intel Driver Update Utility Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. | 7.5 |
| 2013-07-08 | CVE-2013-4786 | Credentials Management vulnerability in multiple products The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. | 7.5 |