Vulnerabilities > Intel > Quartus Prime > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-27233 | XML Injection (aka Blind XPath Injection) vulnerability in Intel Quartus Prime XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access. | 7.5 |
| 2022-02-09 | CVE-2021-44454 | Improper Input Validation vulnerability in Intel Quartus Prime Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-02-09 | CVE-2022-21174 | Unspecified vulnerability in Intel Quartus Prime Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-02-09 | CVE-2022-21203 | Improper Preservation of Permissions vulnerability in Intel Quartus Prime Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-02-09 | CVE-2022-21204 | Incorrect Default Permissions vulnerability in Intel Quartus Prime Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-02-09 | CVE-2022-21205 | XXE vulnerability in Intel Quartus Prime Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access. | 7.5 |
| 2022-02-09 | CVE-2022-21220 | XXE vulnerability in Intel Quartus Prime Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-24454 | XXE vulnerability in Intel Quartus Prime Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via network access. | 7.5 |
| 2019-12-16 | CVE-2019-14603 | Incorrect Default Permissions vulnerability in Intel Quartus Prime Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-05-17 | CVE-2019-0171 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Quartus II and Quartus Prime Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |