Vulnerabilities > Intel > Quartus Prime > 17.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-27187 | Uncontrolled Search Path Element vulnerability in Intel Quartus Prime Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-11-11 | CVE-2022-27233 | XML Injection (aka Blind XPath Injection) vulnerability in Intel Quartus Prime XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access. | 7.5 |
| 2022-02-09 | CVE-2021-44454 | Improper Input Validation vulnerability in Intel Quartus Prime Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2022-02-09 | CVE-2022-21174 | Unspecified vulnerability in Intel Quartus Prime Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-02-09 | CVE-2022-21203 | Improper Preservation of Permissions vulnerability in Intel Quartus Prime Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2022-02-09 | CVE-2022-21204 | Incorrect Default Permissions vulnerability in Intel Quartus Prime Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2022-02-09 | CVE-2022-21205 | XXE vulnerability in Intel Quartus Prime Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access. | 5.0 |
| 2022-02-09 | CVE-2022-21220 | XXE vulnerability in Intel Quartus Prime Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-12 | CVE-2020-24454 | XXE vulnerability in Intel Quartus Prime Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via network access. | 5.0 |
| 2020-11-12 | CVE-2020-8737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Quartus Prime and Stratix 10 Fpga Firmware Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access. | 4.6 |